use crate::{IDENTITY_PATH, K8S_SA_TOKENFILE_PATH, LOCAL_CA_CERT_PATH};

/// Errors that can happen either during client configuration or while communicating over the network.
///
/// The enum is `#[non_exhaustive]`, so code outside this crate that matches on it needs a
/// wildcard arm; new variants may be added without a breaking change.
///
/// Variants that wrap an `anyhow::Error` include the wrapped error's `Display` text in their
/// own message (the `{0}` placeholder).
// NOTE(review): the wrapped messages come from lower layers not visible in this file; confirm
// they cannot contain credential or token material before they are logged or returned to a peer.
#[derive(thiserror::Error, Debug)]
#[non_exhaustive]
pub enum Error {
    /// Error generating a private key.
    #[error("private key gen error")]
    PrivateKeyGen,

    /// The Authly CA certificate was not found at the standard location,
    /// `LOCAL_CA_CERT_PATH`.
    #[error("Authly CA does not exist at {LOCAL_CA_CERT_PATH}")]
    AuthlyCAmissingInEtc,

    /// A problem with the Authly Certificate Authority, described by a static message.
    #[error("Authly CA error: {0}")]
    AuthlyCA(&'static str),

    /// A problem with the client identity, described by a static message.
    #[error("identity error: {0}")]
    Identity(&'static str),

    /// A problem with the TLS infrastructure, described by a static message.
    #[error("tls problem: {0}")]
    Tls(&'static str),

    /// Automatic environment inference did not work: neither `IDENTITY_PATH` nor
    /// `K8S_SA_TOKENFILE_PATH` exists.
    // NOTE(review): the message reads "Neither ... or"; "nor" would be correct, but the string
    // is runtime output and is left as is here.
    #[error(
        "environment not inferrable: Neither {IDENTITY_PATH} or {K8S_SA_TOKENFILE_PATH} exists"
    )]
    EnvironmentNotInferrable,

    /// Invalid Common Name in certificate signing request.
    #[error("invalid X509 common name")]
    InvalidCommonName,

    /// A party was not authenticated or an operation was forbidden.
    ///
    /// The `tonic` conversion in this file maps both the `Unauthenticated` and the
    /// `PermissionDenied` gRPC codes to this variant, so the variant alone does not tell the
    /// two cases apart; the wrapped error still carries the original status.
    #[error("unauthorized: {0}")]
    Unauthorized(anyhow::Error),

    /// A network problem.
    ///
    /// Also used by the `tonic` conversion in this file for every gRPC status code other than
    /// `Unauthenticated` and `PermissionDenied`.
    #[error("network error: {0}")]
    Network(anyhow::Error),

    /// An access token problem.
    #[error("invalid access token: {0}")]
    InvalidAccessToken(anyhow::Error),

    /// A codec problem, usually related to network protocols.
    #[error("encoding error: {0}")]
    Codec(anyhow::Error),

    /// Invalid property/attribute label.
    #[error("invalid property/attribute label")]
    InvalidPropertyAttributeLabel,

    /// Other type of unclassified error.
    #[error("unclassified error: {0}")]
    Unclassified(anyhow::Error),
}

/// Wraps any standard error as [`Error::Unclassified`].
///
/// The source error is converted into an `anyhow::Error`, so its message and source chain
/// stay attached to the returned value.
pub(crate) fn unclassified(err: impl std::error::Error + Send + Sync + 'static) -> Error {
    let wrapped: anyhow::Error = err.into();
    Error::Unclassified(wrapped)
}

/// Classifies a gRPC status as an [`Error`].
///
/// `Unauthenticated` and `PermissionDenied` both become [`Error::Unauthorized`]; every other
/// status code becomes [`Error::Network`]. The original status is kept as the wrapped error.
pub(crate) fn tonic(err: tonic::Status) -> Error {
    let is_auth_failure = matches!(
        err.code(),
        tonic::Code::Unauthenticated | tonic::Code::PermissionDenied
    );

    if is_auth_failure {
        Error::Unauthorized(err.into())
    } else {
        Error::Network(err.into())
    }
}

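/// Wraps a transport-level failure as [`Error::Network`].
///
/// The source error is converted into an `anyhow::Error`, so its message and source chain
/// stay attached to the returned value.
pub(crate) fn network(err: impl std::error::Error + Send + Sync + 'static) -> Error {
    // Must be `Network`, not `Unauthorized`: reporting a connectivity failure as an
    // authorization failure would make callers and logs treat an outage as a rejected
    // credential, and would hide real authorization failures among transport noise.
    Error::Network(anyhow::Error::from(err))
}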

/// Wraps any standard error as [`Error::Unauthorized`].
///
/// The source error is converted into an `anyhow::Error`, so its message and source chain
/// stay attached to the returned value.
pub(crate) fn unauthorized(err: impl std::error::Error + Send + Sync + 'static) -> Error {
    let wrapped: anyhow::Error = err.into();
    Error::Unauthorized(wrapped)
}