kayrozen.com
forked from
smokesignal.events/smokesignal
i18n+filtering fork - fluent-templates v2
1use thiserror::Error;
2
3/// Represents errors that can occur during JOSE (JSON Object Signing and Encryption) operations.
4///
5/// These errors are related to JSON Web Token (JWT) signing and verification,
6/// JSON Web Key (JWK) operations, and DPoP (Demonstrating Proof-of-Possession) functionality.
7#[derive(Debug, Error)]
8pub enum JoseError {
9 /// Error when token signing fails.
10 ///
11 /// This error occurs when the application tries to sign a JWT token
12 /// using an ECDSA signing key but the signing operation fails.
13 #[error("error-jose-1 Failed to sign token: {0:?}")]
14 SigningFailed(p256::ecdsa::Error),
15
16 /// Error when a required signing key is not found.
17 ///
18 /// This error occurs when the application tries to use a signing key
19 /// that is not available in the loaded configuration.
20 #[error("error-jose-2 Signing key not found")]
21 SigningKeyNotFound,
22
23 /// Error when a simple error cannot be parsed.
24 ///
25 /// This error occurs when the application fails to parse an error
26 /// response from an OAuth server.
27 #[error("error-jose-3 Unable to parse simple error")]
28 UnableToParseSimpleError,
29
30 /// Error when a required DPoP header is missing.
31 ///
32 /// This error occurs when making a request to a protected resource
33 /// that requires a DPoP header, but the header is not present.
34 #[error("error-jose-4 Missing DPoP header")]
35 MissingDpopHeader,
36
37 /// Error when a DPoP header cannot be parsed.
38 ///
39 /// This error occurs when the application receives a DPoP header
40 /// that is malformed or contains invalid data.
41 #[error("error-jose-5 Unable to parse DPoP header: {0}")]
42 UnableToParseDpopHeader(String),
43
44 /// Error when a DPoP proof token cannot be created.
45 ///
46 /// This error occurs when the application fails to create a valid
47 /// DPoP proof token required for accessing protected resources.
48 #[error("error-jose-6 Unable to mint DPoP proof token: {0}")]
49 UnableToMintDpopProofToken(String),
50
51 /// Error when an unexpected error occurs during JOSE operations.
52 ///
53 /// This is a catch-all error for unexpected issues that occur
54 /// during JOSE-related operations.
55 #[error("error-jose-7 Unexpected error: {0}")]
56 UnexpectedError(String),
57
58 /// Error when a JWT token has an invalid format.
59 ///
60 /// This error occurs when a JWT token doesn't have three parts
61 /// separated by periods (header.payload.signature).
62 #[error("error-jose-8 Invalid token format")]
63 InvalidTokenFormat,
64
65 /// Error when a JWT header cannot be decoded or parsed.
66 ///
67 /// This error occurs when the header part of a JWT token contains
68 /// invalid base64url-encoded data or invalid JSON.
69 #[error("error-jose-9 Invalid token header")]
70 InvalidHeader,
71
72 /// Error when a JWT claims part cannot be decoded or parsed.
73 ///
74 /// This error occurs when the claims part of a JWT token contains
75 /// invalid base64url-encoded data or invalid JSON.
76 #[error("error-jose-10 Invalid token claims")]
77 InvalidClaims,
78
79 /// Error when a JWT signature cannot be decoded.
80 ///
81 /// This error occurs when the signature part of a JWT token contains
82 /// invalid base64url-encoded data.
83 #[error("error-jose-11 Invalid token signature")]
84 InvalidSignature,
85
86 /// Error when JWT signature verification fails.
87 ///
88 /// This error occurs when the signature of a JWT token doesn't match
89 /// the expected signature computed from the header and claims.
90 #[error("error-jose-12 Signature verification failed")]
91 SignatureVerificationFailed,
92
93 /// Error when a JWT token has expired.
94 ///
95 /// This error occurs when the current time is past the expiration
96 /// time (exp) specified in the JWT claims.
97 #[error("error-jose-13 Token has expired")]
98 TokenExpired,
99
100 /// Error when a JWT token is not yet valid.
101 ///
102 /// This error occurs when the current time is before the not-before
103 /// time (nbf) specified in the JWT claims.
104 #[error("error-jose-14 Token is not yet valid")]
105 TokenNotYetValid,
106
107 /// Error when the system time cannot be determined.
108 ///
109 /// This rare error occurs when the system time cannot be retrieved
110 /// or is invalid.
111 #[error("error-jose-15 System time error")]
112 SystemTimeError,
113
114 /// Error when a JWT token uses an unsupported algorithm.
115 ///
116 /// This error occurs when the JWT token uses an algorithm (alg)
117 /// that the application doesn't support or allow.
118 #[error("error-jose-16 Unsupported algorithm")]
119 UnsupportedAlgorithm,
120
121 /// Error when a JWT token has invalid key parameters.
122 ///
123 /// This error occurs when the JWT token uses key parameters that
124 /// are invalid or not supported.
125 #[error("error-jose-17 Invalid key parameters: {0}")]
126 InvalidKeyParameters(String),
127}
128
129/// Represents errors that can occur during JSON Web Key (JWK) operations.
130///
131/// These errors relate to operations with cryptographic keys in JWK format.
132#[derive(Debug, Error)]
133pub enum JwkError {
134 /// Error when a secret JWK key is not found.
135 ///
136 /// This error occurs when the application tries to use a secret JWK key
137 /// that is not available in the loaded configuration.
138 #[error("error-jwk-1 Secret JWK key not found")]
139 SecretKeyNotFound,
140}