Skip to main content

securitydept_token_set_context/
orchestration.rs

1//! Shared orchestration abstractions — cross-mode lifecycle infrastructure.
2//!
3//! This module provides types and utilities shared across all OIDC modes:
4//!
5//! - [`OidcSharedConfig`] — shared OIDC provider connectivity config
6//! - [`BackendConfigError`] — unified config resolution error
7//! - Infrastructure re-exports (provider, OIDC client, resource server)
8//!
9//! Adopters working with mode-specific config resolution should start here
10//! for shared defaults, then use the appropriate `*_mode` module for
11//! mode-specific config types.
12
13// Re-export shared-defaults core so adopters don't need to depend on
14// securitydept-oauth-provider directly.
15pub use securitydept_oauth_provider::OidcSharedConfig;
16// Re-export infrastructure types that adopters commonly need during
17// config resolution — both configuration and runtime.
18pub use securitydept_oauth_provider::{OAuthProviderConfig, OAuthProviderRuntime};
19pub use securitydept_oauth_resource_server::{
20    OAuthResourceServerConfig, OAuthResourceServerIntrospectionConfig,
21};
22pub use securitydept_oidc_client::{
23    OidcClient, OidcClientConfig, OidcClientRawConfig, PendingOauthStoreConfig,
24};
25
26// ---------------------------------------------------------------------------
27// Unified config resolution error
28// ---------------------------------------------------------------------------
29
30/// Unified error for backend config resolution across all modes.
31///
32/// Each variant identifies which sub-config caused the failure, enabling
33/// adopters to produce clear diagnostics without matching on mode-specific
34/// error types.
35#[derive(Debug)]
36pub enum BackendConfigError {
37    OidcClient(securitydept_oidc_client::OidcError),
38    ResourceServer(securitydept_oauth_resource_server::OAuthResourceServerError),
39    BackendOidcModeRuntime(crate::backend_oidc_mode::BackendOidcModeRuntimeError),
40    TokenPropagation(crate::access_token_substrate::TokenPropagatorError),
41}
42
43impl std::fmt::Display for BackendConfigError {
44    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
45        match self {
46            Self::OidcClient(e) => write!(f, "oidc_client config: {e}"),
47            Self::ResourceServer(e) => write!(f, "oauth_resource_server config: {e}"),
48            Self::BackendOidcModeRuntime(e) => write!(f, "backend_oidc_mode_runtime: {e}"),
49            Self::TokenPropagation(e) => write!(f, "token_propagation config: {e}"),
50        }
51    }
52}
53
54impl std::error::Error for BackendConfigError {
55    fn source(&self) -> Option<&(dyn std::error::Error + 'static)> {
56        match self {
57            Self::OidcClient(e) => Some(e),
58            Self::ResourceServer(e) => Some(e),
59            Self::BackendOidcModeRuntime(e) => Some(e),
60            Self::TokenPropagation(e) => Some(e),
61        }
62    }
63}
64
65impl From<securitydept_oidc_client::OidcError> for BackendConfigError {
66    fn from(e: securitydept_oidc_client::OidcError) -> Self {
67        Self::OidcClient(e)
68    }
69}
70
71impl From<securitydept_oauth_resource_server::OAuthResourceServerError> for BackendConfigError {
72    fn from(e: securitydept_oauth_resource_server::OAuthResourceServerError) -> Self {
73        Self::ResourceServer(e)
74    }
75}
76
77impl From<crate::backend_oidc_mode::BackendOidcModeRuntimeError> for BackendConfigError {
78    fn from(e: crate::backend_oidc_mode::BackendOidcModeRuntimeError) -> Self {
79        Self::BackendOidcModeRuntime(e)
80    }
81}