Use an enum for client error codes

Replace the ClientError constants with From<ClientErrorCode>.
2025-11-20 12:02:22 +03:00 · 2022-08-24 11:24:57 +02:00
parent 348044afdc
commit ee47c821e3
6 changed files with 421 additions and 181 deletions
--- a/crates/handlers/src/oauth2/token.rs
+++ b/crates/handlers/src/oauth2/token.rs
@@ -43,7 +43,7 @@ use mas_storage::{
    DatabaseInconsistencyError, PostgresqlBackend,
 };
 use oauth2_types::{
-    errors::{INVALID_CLIENT, INVALID_GRANT, INVALID_REQUEST, SERVER_ERROR, UNAUTHORIZED_CLIENT},
+    errors::{ClientError, ClientErrorCode},
    pkce::CodeChallengeError,
    requests::{
        AccessTokenRequest, AccessTokenResponse, AuthorizationCodeGrant, RefreshTokenGrant,
@@ -129,21 +129,33 @@ impl From<RefreshTokenLookupError> for RouteError {
 impl IntoResponse for RouteError {
    fn into_response(self) -> axum::response::Response {
        match self {
-            Self::Internal(_) | Self::Anyhow(_) => {
-                (StatusCode::INTERNAL_SERVER_ERROR, Json(SERVER_ERROR))
-            }
-            Self::BadRequest => (StatusCode::BAD_REQUEST, Json(INVALID_REQUEST)),
+            Self::Internal(_) | Self::Anyhow(_) => (
+                StatusCode::INTERNAL_SERVER_ERROR,
+                Json(ClientError::from(ClientErrorCode::ServerError)),
+            ),
+            Self::BadRequest => (
+                StatusCode::BAD_REQUEST,
+                Json(ClientError::from(ClientErrorCode::InvalidRequest)),
+            ),
            Self::PkceVerification(err) => (
                StatusCode::BAD_REQUEST,
-                Json(INVALID_GRANT.with_description(format!("PKCE verification failed: {err}"))),
+                Json(
+                    ClientError::from(ClientErrorCode::InvalidGrant)
+                        .with_description(format!("PKCE verification failed: {err}")),
+                ),
+            ),
+            Self::ClientNotFound | Self::ClientCredentialsVerification(_) => (
+                StatusCode::UNAUTHORIZED,
+                Json(ClientError::from(ClientErrorCode::InvalidClient)),
+            ),
+            Self::ClientNotAllowed | Self::UnauthorizedClient => (
+                StatusCode::UNAUTHORIZED,
+                Json(ClientError::from(ClientErrorCode::UnauthorizedClient)),
+            ),
+            Self::InvalidGrant => (
+                StatusCode::BAD_REQUEST,
+                Json(ClientError::from(ClientErrorCode::InvalidGrant)),
            ),
-            Self::ClientNotFound | Self::ClientCredentialsVerification(_) => {
-                (StatusCode::UNAUTHORIZED, Json(INVALID_CLIENT))
-            }
-            Self::ClientNotAllowed | Self::UnauthorizedClient => {
-                (StatusCode::UNAUTHORIZED, Json(UNAUTHORIZED_CLIENT))
-            }
-            Self::InvalidGrant => (StatusCode::BAD_REQUEST, Json(INVALID_GRANT)),
        }
        .into_response()
    }