From 1cbf881835fc33859a31645f886c5d3787ed48f8 Mon Sep 17 00:00:00 2001
From: Kjetil Orbekk <kj@orbekk.com>
Date: Sat, 8 Oct 2022 10:30:15 -0400
Subject: Add access token validation

---
 server/src/error.rs | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 server/src/error.rs

(limited to 'server/src/error.rs')

diff --git a/server/src/error.rs b/server/src/error.rs
new file mode 100644
index 0000000..439e81b
--- /dev/null
+++ b/server/src/error.rs
@@ -0,0 +1,28 @@
+use axum::{http::StatusCode, response::IntoResponse};
+use openidconnect::{core::CoreErrorResponseType, StandardErrorResponse, ClaimsVerificationError};
+
+type RequestTokenError = openidconnect::RequestTokenError<
+    openidconnect::reqwest::Error<reqwest::Error>,
+    StandardErrorResponse<CoreErrorResponseType>,
+>;
+
+#[derive(thiserror::Error, Debug)]
+pub enum BridgeError {
+    #[error("Invalid request: {0}")]
+    InvalidRequest(String),
+
+    #[error("Backend request failed")]
+    Backend(#[from] RequestTokenError),
+
+    #[error("Unexpected authorization error")]
+    UnexpectedInvalidAuthorization(#[from] ClaimsVerificationError),
+    
+    #[error("Internal server error: {0}")]
+    Internal(String),
+}
+
+impl IntoResponse for BridgeError {
+    fn into_response(self) -> axum::response::Response {
+        (StatusCode::INTERNAL_SERVER_ERROR, format!("Error: {self}")).into_response()
+    }
+}
-- 
cgit v1.2.3