fix: oidc: Wrap oidc cookie errors with enum

So they can be extracted later on if needed
philipcristiano · Oct 3, 2024 · 3785b3b · 3785b3b
1 parent 9e05322
commit 3785b3b
Show file tree

Hide file tree

Showing 2 changed files with 43 additions and 16 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -36,6 +36,7 @@ axum-core =   {version = "0.4.3", optional = true}
 async-trait = {version = "0.1.80", optional = true}
 redacted = {version = "0.2.0", optional = true}
 chrono = {version = "0.4.38", optional = true}
+thiserror = "1.0.64"
 
 [features]
 all = ["tracing", "oidc", "tracing-http"]

diff --git a/src/oidc.rs b/src/oidc.rs
@@ -80,6 +80,29 @@ fn uic_name_to_name(
     None
 }
 
+use thiserror::Error;
+#[derive(Error, Debug)]
+pub enum OIDCUserError {
+    #[error("Error loading cookies")]
+    CookieLoadError,
+    #[error("Missing Cookie")]
+    MissingCookie,
+    #[error("Problem during cookie Deserialize {0}")]
+    CookieDeserializeError(serde_json::Error),
+}
+impl axum::response::IntoResponse for OIDCUserError {
+    fn into_response(self) -> Response {
+        let r = match self {
+            OIDCUserError::CookieLoadError => (StatusCode::BAD_REQUEST, "Error loading cookies"),
+            OIDCUserError::MissingCookie => (StatusCode::BAD_REQUEST, "Missing User Cookie"),
+            OIDCUserError::CookieDeserializeError(_) => {
+                (StatusCode::BAD_REQUEST, "Problem with user cookie")
+            }
+        };
+        r.into_response()
+    }
+}
+
 use async_trait::async_trait;
 use axum_core::extract::FromRequestParts;
 use http::request::Parts;
@@ -89,25 +112,28 @@ impl<S> FromRequestParts<S> for OIDCUser
 where
     S: Send + Sync,
 {
-    type Rejection = (http::StatusCode, &'static str);
+    type Rejection = OIDCUserError;
 
     async fn from_request_parts(req: &mut Parts, state: &S) -> Result<Self, Self::Rejection> {
-        let cookies = Cookies::from_request_parts(req, state).await?;
-        let key = KEY.get().unwrap();
-        let private_cookies = cookies.private(key);
-
-        let cookie = match private_cookies.get(USER_COOKIE_NAME) {
-            Some(c) => c,
-            _ => return Err((StatusCode::BAD_REQUEST, "User Cookie problem a")),
-        };
-        let oidc_user = serde_json::from_str(&cookie.value());
-
-        match oidc_user {
-            Err(e) => {
-                tracing::error!("User Cookie problem {:?}", e);
-                Err((StatusCode::BAD_REQUEST, "User Cookie problem"))
+        if let Ok(cookies) = Cookies::from_request_parts(req, state).await {
+            let key = KEY.get().unwrap();
+            let private_cookies = cookies.private(key);
+
+            let cookie = match private_cookies.get(USER_COOKIE_NAME) {
+                Some(c) => c,
+                _ => return Err(OIDCUserError::MissingCookie),
+            };
+            let oidc_user = serde_json::from_str(&cookie.value());
+
+            match oidc_user {
+                Err(e) => {
+                    tracing::error!("User Cookie problem {:?}", e);
+                    Err(OIDCUserError::CookieDeserializeError(e))
+                }
+                Ok(ou) => Ok(ou),
             }
-            Ok(ou) => Ok(ou),
+        } else {
+            Err(OIDCUserError::CookieLoadError)
         }
     }
 }