You've already forked authentication-service
mirror of
https://github.com/matrix-org/matrix-authentication-service.git
synced 2025-07-31 09:24:31 +03:00
Make the introspection endpoint return JSON error responses
This commit is contained in:
Hugh Nimmo-Smith
committed by
Quentin Gliech
Quentin Gliech
parent
a475a9a164
commit
61b14a08b3
@ -28,7 +28,10 @@ use mas_storage::{
|
|||||||
},
|
},
|
||||||
Clock,
|
Clock,
|
||||||
};
|
};
|
||||||
use oauth2_types::requests::{IntrospectionRequest, IntrospectionResponse};
|
use oauth2_types::{
|
||||||
|
errors::{ClientError, ClientErrorCode},
|
||||||
|
requests::{IntrospectionRequest, IntrospectionResponse},
|
||||||
|
};
|
||||||
use sqlx::PgPool;
|
use sqlx::PgPool;
|
||||||
use thiserror::Error;
|
use thiserror::Error;
|
||||||
|
|
||||||
@ -58,18 +61,35 @@ pub enum RouteError {
|
|||||||
impl IntoResponse for RouteError {
|
impl IntoResponse for RouteError {
|
||||||
fn into_response(self) -> axum::response::Response {
|
fn into_response(self) -> axum::response::Response {
|
||||||
match self {
|
match self {
|
||||||
Self::Internal(e) => (StatusCode::INTERNAL_SERVER_ERROR, e.to_string()).into_response(),
|
Self::Internal(e) => (
|
||||||
Self::ClientNotFound => (StatusCode::UNAUTHORIZED, "client not found").into_response(),
|
StatusCode::INTERNAL_SERVER_ERROR,
|
||||||
|
Json(
|
||||||
|
ClientError::from(ClientErrorCode::ServerError).with_description(e.to_string()),
|
||||||
|
),
|
||||||
|
)
|
||||||
|
.into_response(),
|
||||||
|
Self::ClientNotFound => (
|
||||||
|
StatusCode::UNAUTHORIZED,
|
||||||
|
Json(ClientError::from(ClientErrorCode::InvalidClient)),
|
||||||
|
)
|
||||||
|
.into_response(),
|
||||||
|
Self::ClientCredentialsVerification(e) => (
|
||||||
|
StatusCode::UNAUTHORIZED,
|
||||||
|
Json(
|
||||||
|
ClientError::from(ClientErrorCode::InvalidClient)
|
||||||
|
.with_description(e.to_string()),
|
||||||
|
),
|
||||||
|
)
|
||||||
|
.into_response(),
|
||||||
Self::UnknownToken => Json(INACTIVE).into_response(),
|
Self::UnknownToken => Json(INACTIVE).into_response(),
|
||||||
Self::NotAllowed => (
|
Self::NotAllowed => (
|
||||||
StatusCode::UNAUTHORIZED,
|
StatusCode::UNAUTHORIZED,
|
||||||
"client can't use the introspection endpoint",
|
Json(ClientError::from(ClientErrorCode::AccessDenied)),
|
||||||
)
|
)
|
||||||
.into_response(),
|
.into_response(),
|
||||||
Self::BadRequest => StatusCode::BAD_REQUEST.into_response(),
|
Self::BadRequest => (
|
||||||
Self::ClientCredentialsVerification(_c) => (
|
StatusCode::BAD_REQUEST,
|
||||||
StatusCode::UNAUTHORIZED,
|
Json(ClientError::from(ClientErrorCode::InvalidRequest)),
|
||||||
"could not verify client credentials",
|
|
||||||
)
|
)
|
||||||
.into_response(),
|
.into_response(),
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user