1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162

// Copyright 2015-2018 Capital One Services, LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

use std::{error::Error as StdError, fmt};

use wasmparser::BinaryReaderError;

/// An error that can contain wascap-specific context
#[derive(Debug)]
pub struct Error(Box<ErrorKind>);

pub(crate) fn new(kind: ErrorKind) -> Error {
    Error(Box::new(kind))
}

#[derive(Debug)]
pub enum ErrorKind {
    Serialize(serde_json::error::Error),
    Encryption(nkeys::error::Error),
    Decode(data_encoding::DecodeError),
    UTF8(std::string::FromUtf8Error),
    Token(String),
    InvalidCapability,
    WasmElement(String),
    IO(std::io::Error),
    InvalidModuleHash,
    ExpiredToken,
    TokenTooEarly,
    InvalidAlgorithm,
    MissingIssuer,
    MissingSubject,
}

impl Error {
    #[must_use]
    pub fn kind(&self) -> &ErrorKind {
        &self.0
    }

    #[must_use]
    pub fn into_kind(self) -> ErrorKind {
        *self.0
    }
}

impl StdError for Error {
    fn description(&self) -> &str {
        match *self.0 {
            ErrorKind::Serialize(_) => "Serialization failure",
            ErrorKind::Encryption(_) => "Encryption failure",
            ErrorKind::Decode(_) => "Decode failure",
            ErrorKind::UTF8(_) => "UTF8 failure",
            ErrorKind::Token(_) => "JWT failure",
            ErrorKind::InvalidCapability => "Invalid Capability",
            ErrorKind::WasmElement(_) => "WebAssembly element",
            ErrorKind::IO(_) => "I/O error",
            ErrorKind::InvalidModuleHash => "Invalid Module Hash",
            ErrorKind::ExpiredToken => "Token has expired",
            ErrorKind::TokenTooEarly => "Token cannot be used yet",
            ErrorKind::InvalidAlgorithm => "Invalid JWT algorithm",
            ErrorKind::MissingIssuer => "Missing issuer claim",
            ErrorKind::MissingSubject => "Missing sub claim",
        }
    }

    fn cause(&self) -> Option<&dyn StdError> {
        match *self.0 {
            ErrorKind::Serialize(ref err) => Some(err),
            ErrorKind::Encryption(ref err) => Some(err),
            ErrorKind::Decode(ref err) => Some(err),
            ErrorKind::UTF8(ref err) => Some(err),
            ErrorKind::IO(ref err) => Some(err),
            ErrorKind::Token(_)
            | ErrorKind::InvalidCapability
            | ErrorKind::WasmElement(_)
            | ErrorKind::InvalidModuleHash
            | ErrorKind::ExpiredToken
            | ErrorKind::TokenTooEarly
            | ErrorKind::InvalidAlgorithm
            | ErrorKind::MissingIssuer
            | ErrorKind::MissingSubject => None,
        }
    }
}

impl fmt::Display for Error {
    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
        match *self.0 {
            ErrorKind::Serialize(ref err) => write!(f, "Serialization error: {err}"),
            ErrorKind::Encryption(ref err) => write!(f, "Encryption error: {err}"),
            ErrorKind::Decode(ref err) => write!(f, "Decode error: {err}"),
            ErrorKind::UTF8(ref err) => write!(f, "UTF8 error: {err}"),
            ErrorKind::Token(ref err) => write!(f, "JWT error: {err}"),
            ErrorKind::InvalidCapability => write!(f, "Invalid capability"),
            ErrorKind::WasmElement(ref err) => write!(f, "Wasm Element error: {err}"),
            ErrorKind::IO(ref err) => write!(f, "I/O error: {err}"),
            ErrorKind::InvalidModuleHash => write!(f, "Invalid module hash"),
            ErrorKind::ExpiredToken => write!(f, "Module token has expired"),
            ErrorKind::TokenTooEarly => write!(f, "Module cannot be used yet"),
            ErrorKind::InvalidAlgorithm => {
                write!(f, "Invalid JWT algorithm. WASCAP only supports Ed25519")
            }
            ErrorKind::MissingIssuer => {
                write!(
                    f,
                    "Invalid JWT. WASCAP requires an issuer claim to be present"
                )
            }
            ErrorKind::MissingSubject => {
                write!(f, "Invalid JWT. WASCAP requires a sub claim to be present")
            }
        }
    }
}

impl From<std::io::Error> for Error {
    fn from(source: std::io::Error) -> Error {
        Error(Box::new(ErrorKind::IO(source)))
    }
}

impl From<BinaryReaderError> for Error {
    fn from(source: BinaryReaderError) -> Error {
        let io_error = ::std::io::Error::new(::std::io::ErrorKind::Other, source.to_string());
        Error(Box::new(ErrorKind::IO(io_error)))
    }
}

impl From<serde_json::error::Error> for Error {
    fn from(source: serde_json::error::Error) -> Error {
        Error(Box::new(ErrorKind::Serialize(source)))
    }
}

impl From<data_encoding::DecodeError> for Error {
    fn from(source: data_encoding::DecodeError) -> Error {
        Error(Box::new(ErrorKind::Decode(source)))
    }
}

impl From<nkeys::error::Error> for Error {
    fn from(source: nkeys::error::Error) -> Error {
        Error(Box::new(ErrorKind::Encryption(source)))
    }
}

impl From<std::string::FromUtf8Error> for Error {
    fn from(source: std::string::FromUtf8Error) -> Error {
        Error(Box::new(ErrorKind::UTF8(source)))
    }
}