lewis.moe / bspds-sandbox
this repo has no description
fork atom
bspds-sandbox / src / oauth / error.rs
at 61e33ca7dae83495128e4f850515e54bf64ac1a1 3.6 kB view raw
1use axum::{ 2 Json, 3 http::StatusCode, 4 response::{IntoResponse, Response}, 5}; 6use serde::Serialize; 7 8#[derive(Debug)] 9pub enum OAuthError { 10 InvalidRequest(String), 11 InvalidClient(String), 12 InvalidGrant(String), 13 UnauthorizedClient(String), 14 UnsupportedGrantType(String), 15 InvalidScope(String), 16 AccessDenied(String), 17 ServerError(String), 18 UseDpopNonce(String), 19 InvalidDpopProof(String), 20 ExpiredToken(String), 21 InvalidToken(String), 22 RateLimited, 23} 24 25#[derive(Serialize)] 26struct OAuthErrorResponse { 27 error: String, 28 error_description: Option<String>, 29} 30 31impl IntoResponse for OAuthError { 32 fn into_response(self) -> Response { 33 let (status, error, description) = match self { 34 OAuthError::InvalidRequest(msg) => { 35 (StatusCode::BAD_REQUEST, "invalid_request", Some(msg)) 36 } 37 OAuthError::InvalidClient(msg) => { 38 (StatusCode::UNAUTHORIZED, "invalid_client", Some(msg)) 39 } 40 OAuthError::InvalidGrant(msg) => { 41 (StatusCode::BAD_REQUEST, "invalid_grant", Some(msg)) 42 } 43 OAuthError::UnauthorizedClient(msg) => { 44 (StatusCode::UNAUTHORIZED, "unauthorized_client", Some(msg)) 45 } 46 OAuthError::UnsupportedGrantType(msg) => { 47 (StatusCode::BAD_REQUEST, "unsupported_grant_type", Some(msg)) 48 } 49 OAuthError::InvalidScope(msg) => { 50 (StatusCode::BAD_REQUEST, "invalid_scope", Some(msg)) 51 } 52 OAuthError::AccessDenied(msg) => { 53 (StatusCode::FORBIDDEN, "access_denied", Some(msg)) 54 } 55 OAuthError::ServerError(msg) => { 56 (StatusCode::INTERNAL_SERVER_ERROR, "server_error", Some(msg)) 57 } 58 OAuthError::UseDpopNonce(nonce) => { 59 return ( 60 StatusCode::BAD_REQUEST, 61 [("DPoP-Nonce", nonce)], 62 Json(OAuthErrorResponse { 63 error: "use_dpop_nonce".to_string(), 64 error_description: Some("A DPoP nonce is required".to_string()), 65 }), 66 ) 67 .into_response(); 68 } 69 OAuthError::InvalidDpopProof(msg) => { 70 (StatusCode::UNAUTHORIZED, "invalid_dpop_proof", Some(msg)) 71 } 72 OAuthError::ExpiredToken(msg) => { 73 (StatusCode::UNAUTHORIZED, "invalid_token", Some(msg)) 74 } 75 OAuthError::InvalidToken(msg) => { 76 (StatusCode::UNAUTHORIZED, "invalid_token", Some(msg)) 77 } 78 OAuthError::RateLimited => { 79 (StatusCode::TOO_MANY_REQUESTS, "rate_limited", Some("Too many requests. Please try again later.".to_string())) 80 } 81 }; 82 ( 83 status, 84 Json(OAuthErrorResponse { 85 error: error.to_string(), 86 error_description: description, 87 }), 88 ) 89 .into_response() 90 } 91} 92 93impl From<sqlx::Error> for OAuthError { 94 fn from(err: sqlx::Error) -> Self { 95 tracing::error!("Database error in OAuth flow: {}", err); 96 OAuthError::ServerError("An internal error occurred".to_string()) 97 } 98} 99 100impl From<anyhow::Error> for OAuthError { 101 fn from(err: anyhow::Error) -> Self { 102 tracing::error!("Internal error in OAuth flow: {}", err); 103 OAuthError::ServerError("An internal error occurred".to_string()) 104 } 105}