diff --git a/crates/oidc-client/src/error.rs b/crates/oidc-client/src/error.rs
index 955750b2..cb667c6e 100644
--- a/crates/oidc-client/src/error.rs
+++ b/crates/oidc-client/src/error.rs
@@ -451,9 +451,13 @@ pub enum UserInfoError {
 #[error("could not decoded response content-type: {0}")]
 DecodeResponseContentType(#[from] ToStrError),

+ /// The content-type is not valid.
+ #[error("invalid response content-type: {0}")]
+ InvalidResponseContentTypeValue(#[from] mime::FromStrError),
+
 /// The content-type is not the one that was expected.
- #[error("invalid response content-type {got:?}, expected {expected:?}")]
- InvalidResponseContentType {
+ #[error("unexpected response content-type {got:?}, expected {expected:?}")]
+ UnexpectedResponseContentType {
 /// The expected content-type.
 expected: String,
 /// The returned content-type.
diff --git a/crates/oidc-client/src/requests/userinfo.rs b/crates/oidc-client/src/requests/userinfo.rs
index c4b8d5e2..89a7698b 100644
--- a/crates/oidc-client/src/requests/userinfo.rs
+++ b/crates/oidc-client/src/requests/userinfo.rs
@@ -23,6 +23,7 @@ use headers::{Authorization, HeaderMapExt, HeaderValue};
 use http::header::{ACCEPT, CONTENT_TYPE};
 use mas_http::CatchHttpCodesLayer;
 use mas_jose::claims;
+use mime::Mime;
 use serde_json::Value;
 use tower::{Layer, Service, ServiceExt};
 use url::Url;
@@ -98,16 +99,17 @@ pub async fn fetch_userinfo(
 .call(userinfo_request)
 .await?;

- let content_type = userinfo_response
+ let content_type: Mime = userinfo_response
 .headers()
 .get(CONTENT_TYPE)
 .ok_or(UserInfoError::MissingResponseContentType)?
- .to_str()?;
+ .to_str()?
+ .parse()?;

- if content_type != expected_content_type {
- return Err(UserInfoError::InvalidResponseContentType {
+ if content_type.essence_str() != expected_content_type {
+ return Err(UserInfoError::UnexpectedResponseContentType {
 expected: expected_content_type.to_owned(),
- got: content_type.to_owned(),
+ got: content_type.to_string(),
 });
 }
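Review bot: The doc comment on the new `InvalidResponseContentTypeValue` variant ("The content-type is not valid.") does not say how it differs from `DecodeResponseContentType` above it or from the renamed `UnexpectedResponseContentType` below it, and the new name is one word away from the old `InvalidResponseContentType`. I would write `/// The content-type header is not a syntactically valid media type.` so the three cases (not ASCII, not parseable, not the expected type) read as distinct. Renaming a variant of a `pub enum` also breaks any downstream `match` arm that names it, and `#[from] mime::FromStrError` puts a `mime` type into the public error type; if the crate is consumed outside this workspace, that deserves a changelog line. The enum starts and ends outside the hunk, so whether it is `#[non_exhaustive]` is not visible here.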
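Review bot: The check `content_type.essence_str() != expected_content_type` now ignores every parameter of the header, so a value such as `application/json; charset=utf-8` is accepted; that is presumably the intent, but nothing in the code says so, and it only holds while `expected_content_type` is a bare lowercase `type/subtype` string. This comparison appears to be what stops a response of the wrong kind from being processed as the expected one (inferred, since `expected_content_type` is chosen outside the hunk), so the relaxation should be explicit. I would add a comment above the `if`, for example `// Compare the media type only; parameters such as charset are deliberately ignored.`, and a test that covers both a parameterised header and a mismatched type. `fetch_userinfo` starts and ends outside the hunk.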