Skip to main content

securitydept_token_set_context/
orchestration.rs

1//! Shared orchestration abstractions — cross-mode lifecycle infrastructure.
2//!
3//! This module provides types and utilities shared across all OIDC modes:
4//!
5//! - [`OidcSharedConfig`] — shared OIDC provider connectivity config
6//! - [`BackendConfigError`] — unified config resolution error
7//! - Infrastructure re-exports (provider, OIDC client, resource server)
8//!
9//! Adopters working with mode-specific config resolution should start here
10//! for shared defaults, then use the appropriate `*_mode` module for
11//! mode-specific config types.
12
13// Re-export shared-defaults core so adopters don't need to depend on
14// securitydept-oauth-provider directly.
15pub use securitydept_oauth_provider::OidcSharedConfig;
16// Re-export infrastructure types that adopters commonly need during
17// config resolution — both configuration and runtime.
18pub use securitydept_oauth_provider::{OAuthProviderConfig, OAuthProviderRuntime};
19pub use securitydept_oauth_resource_server::{
20    OAuthResourceServerConfig, OAuthResourceServerIntrospectionConfig,
21};
22pub use securitydept_oidc_client::{
23    OidcClient, OidcClientConfig, OidcClientRawConfig, PendingOauthStoreConfig,
24};
25
26// ---------------------------------------------------------------------------
27// Unified config resolution error
28// ---------------------------------------------------------------------------
29
30/// Unified error for backend config resolution across all modes.
31///
32/// Each variant identifies which sub-config caused the failure, enabling
33/// adopters to produce clear diagnostics without matching on mode-specific
34/// error types.
35#[derive(Debug)]
36pub enum BackendConfigError {
37    OidcClient(securitydept_oidc_client::OidcError),
38    ResourceServer(securitydept_oauth_resource_server::OAuthResourceServerError),
39    AccessTokenSubstrateValidation(
40        crate::access_token_substrate::AccessTokenSubstrateConfigValidationError,
41    ),
42    BackendOidcModeValidation(crate::backend_oidc_mode::BackendOidcModeConfigValidationError),
43    FrontendOidcModeValidation(crate::frontend_oidc_mode::FrontendOidcModeConfigValidationError),
44    BackendOidcModeRuntime(crate::backend_oidc_mode::BackendOidcModeRuntimeError),
45    TokenPropagation(crate::access_token_substrate::TokenPropagatorError),
46}
47
48impl std::fmt::Display for BackendConfigError {
49    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
50        match self {
51            Self::OidcClient(e) => write!(f, "oidc_client config: {e}"),
52            Self::ResourceServer(e) => write!(f, "oauth_resource_server config: {e}"),
53            Self::AccessTokenSubstrateValidation(e) => {
54                write!(f, "access_token_substrate validation: {e}")
55            }
56            Self::BackendOidcModeValidation(e) => write!(f, "backend_oidc validation: {e}"),
57            Self::FrontendOidcModeValidation(e) => write!(f, "frontend_oidc validation: {e}"),
58            Self::BackendOidcModeRuntime(e) => write!(f, "backend_oidc_mode_runtime: {e}"),
59            Self::TokenPropagation(e) => write!(f, "token_propagation config: {e}"),
60        }
61    }
62}
63
64impl std::error::Error for BackendConfigError {
65    fn source(&self) -> Option<&(dyn std::error::Error + 'static)> {
66        match self {
67            Self::OidcClient(e) => Some(e),
68            Self::ResourceServer(e) => Some(e),
69            Self::AccessTokenSubstrateValidation(e) => Some(e),
70            Self::BackendOidcModeValidation(e) => Some(e),
71            Self::FrontendOidcModeValidation(e) => Some(e),
72            Self::BackendOidcModeRuntime(e) => Some(e),
73            Self::TokenPropagation(e) => Some(e),
74        }
75    }
76}
77
78impl From<securitydept_oidc_client::OidcError> for BackendConfigError {
79    fn from(e: securitydept_oidc_client::OidcError) -> Self {
80        Self::OidcClient(e)
81    }
82}
83
84impl From<securitydept_oauth_resource_server::OAuthResourceServerError> for BackendConfigError {
85    fn from(e: securitydept_oauth_resource_server::OAuthResourceServerError) -> Self {
86        Self::ResourceServer(e)
87    }
88}
89
90impl From<crate::access_token_substrate::AccessTokenSubstrateConfigValidationError>
91    for BackendConfigError
92{
93    fn from(e: crate::access_token_substrate::AccessTokenSubstrateConfigValidationError) -> Self {
94        Self::AccessTokenSubstrateValidation(e)
95    }
96}
97
98impl From<crate::backend_oidc_mode::BackendOidcModeRuntimeError> for BackendConfigError {
99    fn from(e: crate::backend_oidc_mode::BackendOidcModeRuntimeError) -> Self {
100        Self::BackendOidcModeRuntime(e)
101    }
102}
103
104impl From<crate::backend_oidc_mode::BackendOidcModeConfigValidationError> for BackendConfigError {
105    fn from(e: crate::backend_oidc_mode::BackendOidcModeConfigValidationError) -> Self {
106        Self::BackendOidcModeValidation(e)
107    }
108}
109
110impl From<crate::frontend_oidc_mode::FrontendOidcModeConfigValidationError> for BackendConfigError {
111    fn from(e: crate::frontend_oidc_mode::FrontendOidcModeConfigValidationError) -> Self {
112        Self::FrontendOidcModeValidation(e)
113    }
114}