actix-extras/actix-web-httpauth/src/extractors/errors.rs

use std::{error::Error, fmt};

use actix_web::{http::StatusCode, HttpResponse, ResponseError};

use crate::headers::www_authenticate::{Challenge, WwwAuthenticate};

/// Authentication error returned by authentication extractors.
///
/// Different extractors may extend `AuthenticationError` implementation in order to provide access
/// inner challenge fields.
#[derive(Debug)]
pub struct AuthenticationError<C: Challenge> {
    challenge: C,
    status_code: StatusCode,
}

impl<C: Challenge> AuthenticationError<C> {
    /// Creates new authentication error from the provided `challenge`.
    ///
    /// By default returned error will resolve into the `HTTP 401` status code.
    pub fn new(challenge: C) -> AuthenticationError<C> {
        AuthenticationError {
            challenge,
            status_code: StatusCode::UNAUTHORIZED,
        }
    }

    /// Returns mutable reference to the inner challenge instance.
    pub fn challenge_mut(&mut self) -> &mut C {
        &mut self.challenge
    }

    /// Returns mutable reference to the inner status code.
    ///
    /// Can be used to override returned status code, but by default this lib tries to stick to the
    /// RFC, so it might be unreasonable.
    pub fn status_code_mut(&mut self) -> &mut StatusCode {
        &mut self.status_code
    }
}

impl<C: Challenge> fmt::Display for AuthenticationError<C> {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        fmt::Display::fmt(&self.status_code, f)
    }
}

impl<C: Challenge + 'static> Error for AuthenticationError<C> {}

impl<C: Challenge + 'static> ResponseError for AuthenticationError<C> {
    fn status_code(&self) -> StatusCode {
        self.status_code
    }

    fn error_response(&self) -> HttpResponse {
        HttpResponse::build(self.status_code())
            .insert_header(WwwAuthenticate(self.challenge.clone()))
            .finish()
    }
}

#[cfg(test)]
mod tests {
    use actix_web::Error;

    use super::*;
    use crate::headers::www_authenticate::basic::Basic;

    #[test]
    fn test_status_code_is_preserved_across_error_conversions() {
        let ae = AuthenticationError::new(Basic::default());
        let expected = ae.status_code;

        // Converting the AuthenticationError into a ResponseError should preserve the status code.
        let err = Error::from(ae);
        let res_err = err.as_response_error();
        assert_eq!(expected, res_err.status_code());
    }
}
improve httpauth ergonomics (#264) * improve httpauth ergonomics * update changelog * code and docs cleanup * docs * docs clean * remove AuthExtractor trait * update changelog 2022-07-21 03:50:22 +02:00			`use std::{error::Error, fmt};`
Bearer auth 2018-05-30 16:43:39 +03:00
improve httpauth ergonomics (#264) * improve httpauth ergonomics * update changelog * code and docs cleanup * docs * docs clean * remove AuthExtractor trait * update changelog 2022-07-21 03:50:22 +02:00			`use actix_web::{http::StatusCode, HttpResponse, ResponseError};`
Bearer auth 2018-05-30 16:43:39 +03:00
improve httpauth ergonomics (#264) * improve httpauth ergonomics * update changelog * code and docs cleanup * docs * docs clean * remove AuthExtractor trait * update changelog 2022-07-21 03:50:22 +02:00			`use crate::headers::www_authenticate::{Challenge, WwwAuthenticate};`
Bearer auth 2018-05-30 16:43:39 +03:00
Upgrage to the actix-web 1.0 -- alpha.1 version 2019-05-15 17:38:55 +03:00			`/// Authentication error returned by authentication extractors.`
Bearer auth 2018-05-30 16:43:39 +03:00			`///`
improve httpauth ergonomics (#264) * improve httpauth ergonomics * update changelog * code and docs cleanup * docs * docs clean * remove AuthExtractor trait * update changelog 2022-07-21 03:50:22 +02:00			/// Different extractors may extend `AuthenticationError` implementation in order to provide access
			`/// inner challenge fields.`
Bearer auth 2018-05-30 16:43:39 +03:00			`#[derive(Debug)]`
			`pub struct AuthenticationError<C: Challenge> {`
			`challenge: C,`
			`status_code: StatusCode,`
			`}`

			`impl<C: Challenge> AuthenticationError<C> {`
Upgrage to the actix-web 1.0 -- alpha.1 version 2019-05-15 17:38:55 +03:00			/// Creates new authentication error from the provided `challenge`.
			`///`
			/// By default returned error will resolve into the `HTTP 401` status code.
Bearer auth 2018-05-30 16:43:39 +03:00			`pub fn new(challenge: C) -> AuthenticationError<C> {`
			`AuthenticationError {`
			`challenge,`
			`status_code: StatusCode::UNAUTHORIZED,`
			`}`
			`}`

Upgrage to the actix-web 1.0 -- alpha.1 version 2019-05-15 17:38:55 +03:00			`/// Returns mutable reference to the inner challenge instance.`
Bearer auth 2018-05-30 16:43:39 +03:00			`pub fn challenge_mut(&mut self) -> &mut C {`
			`&mut self.challenge`
			`}`

Upgrage to the actix-web 1.0 -- alpha.1 version 2019-05-15 17:38:55 +03:00			`/// Returns mutable reference to the inner status code.`
			`///`
improve httpauth ergonomics (#264) * improve httpauth ergonomics * update changelog * code and docs cleanup * docs * docs clean * remove AuthExtractor trait * update changelog 2022-07-21 03:50:22 +02:00			`/// Can be used to override returned status code, but by default this lib tries to stick to the`
			`/// RFC, so it might be unreasonable.`
Bearer auth 2018-05-30 16:43:39 +03:00			`pub fn status_code_mut(&mut self) -> &mut StatusCode {`
			`&mut self.status_code`
			`}`
			`}`

			`impl<C: Challenge> fmt::Display for AuthenticationError<C> {`
Make the lint stricter (#20) * Make the lint stricter * Add explicit lifetimes * Allow `needless_doctest_main` 2020-01-14 13:31:20 +09:00			`fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {`
Upgrage to the actix-web 1.0 -- alpha.1 version 2019-05-15 17:38:55 +03:00			`fmt::Display::fmt(&self.status_code, f)`
Bearer auth 2018-05-30 16:43:39 +03:00			`}`
			`}`

improve httpauth ergonomics (#264) * improve httpauth ergonomics * update changelog * code and docs cleanup * docs * docs clean * remove AuthExtractor trait * update changelog 2022-07-21 03:50:22 +02:00			`impl<C: Challenge + 'static> Error for AuthenticationError<C> {}`

			`impl<C: Challenge + 'static> ResponseError for AuthenticationError<C> {`
			`fn status_code(&self) -> StatusCode {`
			`self.status_code`
			`}`
Bearer auth 2018-05-30 16:43:39 +03:00
			`fn error_response(&self) -> HttpResponse {`
improve httpauth ergonomics (#264) * improve httpauth ergonomics * update changelog * code and docs cleanup * docs * docs clean * remove AuthExtractor trait * update changelog 2022-07-21 03:50:22 +02:00			`HttpResponse::build(self.status_code())`
Update dependencies (Tokio 1.0) (#144) 2021-03-21 23:50:26 +01:00			`.insert_header(WwwAuthenticate(self.challenge.clone()))`
Bearer auth 2018-05-30 16:43:39 +03:00			`.finish()`
			`}`
Bugfix: AuthenticationError should set status_code I noticed that my `AuthenticationError`'s `status_code` field was 401, but when I ran `.as_response_error()` the `ResponseError`'s code was 500 (the default value). It's because impl ResponseError for AuthenticationError doesn't define the `status_code()` trait method. Merely setting the status code in `error_response` isn't enough, it seems. I added a unit test for this case too. 2020-05-18 21:30:14 -05:00			`}`

			`#[cfg(test)]`
			`mod tests {`
Consistent import formatting (#237) 2022-03-29 11:46:13 +01:00			`use actix_web::Error;`

Bugfix: AuthenticationError should set status_code I noticed that my `AuthenticationError`'s `status_code` field was 401, but when I ran `.as_response_error()` the `ResponseError`'s code was 500 (the default value). It's because impl ResponseError for AuthenticationError doesn't define the `status_code()` trait method. Merely setting the status code in `error_response` isn't enough, it seems. I added a unit test for this case too. 2020-05-18 21:30:14 -05:00			`use super::*;`
			`use crate::headers::www_authenticate::basic::Basic;`

			`#[test]`
			`fn test_status_code_is_preserved_across_error_conversions() {`
improve httpauth ergonomics (#264) * improve httpauth ergonomics * update changelog * code and docs cleanup * docs * docs clean * remove AuthExtractor trait * update changelog 2022-07-21 03:50:22 +02:00			`let ae = AuthenticationError::new(Basic::default());`
Bugfix: AuthenticationError should set status_code I noticed that my `AuthenticationError`'s `status_code` field was 401, but when I ran `.as_response_error()` the `ResponseError`'s code was 500 (the default value). It's because impl ResponseError for AuthenticationError doesn't define the `status_code()` trait method. Merely setting the status code in `error_response` isn't enough, it seems. I added a unit test for this case too. 2020-05-18 21:30:14 -05:00			`let expected = ae.status_code;`

			`// Converting the AuthenticationError into a ResponseError should preserve the status code.`
improve httpauth ergonomics (#264) * improve httpauth ergonomics * update changelog * code and docs cleanup * docs * docs clean * remove AuthExtractor trait * update changelog 2022-07-21 03:50:22 +02:00			`let err = Error::from(ae);`
			`let res_err = err.as_response_error();`
			`assert_eq!(expected, res_err.status_code());`
Bugfix: AuthenticationError should set status_code I noticed that my `AuthenticationError`'s `status_code` field was 401, but when I ran `.as_response_error()` the `ResponseError`'s code was 500 (the default value). It's because impl ResponseError for AuthenticationError doesn't define the `status_code()` trait method. Merely setting the status code in `error_response` isn't enough, it seems. I added a unit test for this case too. 2020-05-18 21:30:14 -05:00			`}`
Bearer auth 2018-05-30 16:43:39 +03:00			`}`