spiffe/error.rs
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96
//! Defines errors related to interactions with the GRPC client, including handling of X.509 and JWT materials,
//! SPIFFE endpoint socket path validation, and other potential failure points within the Rust-Spiffe library.
//! This encompasses errors related to endpoint configuration, response handling, data processing, and specific
//! errors for various SPIFFE components.
use crate::{JwtBundleError, JwtSvidError, SpiffeIdError, X509BundleError, X509SvidError};
use thiserror::Error;
use url::ParseError;
/// Errors that may arise while interacting with and fetching materials from a GRPC client.
/// Includes errors related to endpoint configuration, response handling, and data processing.
#[derive(Debug, Error)]
#[non_exhaustive]
pub enum GrpcClientError {
/// Missing environment variable for the endpoint socket address.
#[error("missing endpoint socket address environment variable (SPIFFE_ENDPOINT_SOCKET)")]
MissingEndpointSocketPath,
/// The GRPC client received an empty response.
#[error("received an empty response from the GRPC client")]
EmptyResponse,
/// Invalid endpoint socket path configuration.
#[error("invalid endpoint socket path")]
InvalidEndpointSocketPath(#[from] SocketPathError),
/// Failed to parse the X509Svid response from the client.
#[error("failed to process X509Svid response")]
InvalidX509Svid(#[from] X509SvidError),
/// Failed to parse the JwtSvid response from the client.
#[error("failed to process JwtSvid response")]
InvalidJwtSvid(#[from] JwtSvidError),
/// Failed to parse the X509Bundle response from the client.
#[error("failed to process X509Bundle response")]
InvalidX509Bundle(#[from] X509BundleError),
/// Failed to parse the JwtBundle response from the client.
#[error("failed to process JwtBundle response")]
InvalidJwtBundle(#[from] JwtBundleError),
/// Invalid trust domain in the bundles response.
#[error("invalid trust domain in bundles response")]
InvalidTrustDomain(#[from] SpiffeIdError),
/// Error returned by the GRPC library for error responses from the client.
#[error("error response from the GRPC client")]
Grpc(#[from] tonic::Status),
/// Error returned by the GRPC library when creating a transport channel.
#[error("error creating transport channel to the GRPC client")]
Transport(#[from] tonic::transport::Error),
}
/// Errors related to the validation of a SPIFFE endpoint socket path.
/// These cover scenarios such as invalid URI schemes, missing components, and unexpected URI structure.
#[derive(Debug, Error, PartialEq, Copy, Clone)]
#[non_exhaustive]
pub enum SocketPathError {
/// The SPIFFE endpoint socket URI has a scheme other than 'unix' or 'tcp'.
#[error("workload endpoint socket URI must have a tcp:// or unix:// scheme")]
InvalidScheme,
/// The SPIFFE endpoint unix socket URI does not include a path.
#[error("workload endpoint unix socket URI must include a path")]
UnixAddressEmptyPath,
/// The SPIFFE endpoint tcp socket URI include a path.
#[error("workload endpoint tcp socket URI must not include a path")]
TcpAddressNonEmptyPath,
/// The SPIFFE endpoint socket URI has query values.
#[error("workload endpoint socket URI must not include query values")]
HasQueryValues,
/// The SPIFFE endpoint socket URI has a fragment.
#[error("workload endpoint socket URI must not include a fragment")]
HasFragment,
/// The SPIFFE endpoint socket URI has query user info.
#[error("workload endpoint socket URI must not include user info")]
HasUserInfo,
/// The SPIFFE endpoint tcp socket URI has misses a host.
#[error("workload endpoint tcp socket URI must include a host")]
TcpEmptyHost,
/// The SPIFFE endpoint tcp socket URI has misses a port.
#[error("workload endpoint tcp socket URI host component must be an IP:port")]
TcpAddressNoIpPort,
/// Error returned by the URI parsing library.
#[error("workload endpoint socket is not a valid URI")]
Parse(#[from] ParseError),
}