Merge pull request #50 from mikkyang/feature/component-errors

More detailed component errors
mikkyang · Jun 28, 2020 · 796ca14 · 796ca14
2 parents 125c71c + f5a9350
commit 796ca14
Show file tree

Hide file tree

Showing 2 changed files with 58 additions and 19 deletions.
diff --git a/src/error.rs b/src/error.rs
@@ -1,3 +1,4 @@
+use self::Error::*;
 use crate::algorithm::AlgorithmType;
 use base64::DecodeError;
 use crypto_mac::{InvalidKeyLength, MacError};
@@ -10,6 +11,10 @@ pub enum Error {
     AlgorithmMismatch(AlgorithmType, AlgorithmType),
     NoKeyId,
     NoKeyWithKeyId(String),
+    NoHeaderComponent,
+    NoClaimsComponent,
+    NoSignatureComponent,
+    TooManyComponents,
     Format,
     Base64(DecodeError),
     Json(JsonError),
@@ -23,19 +28,23 @@ pub enum Error {
 impl fmt::Display for Error {
     fn fmt(&self, f: &mut fmt::Formatter) -> Result<(), fmt::Error> {
         match *self {
-            Error::AlgorithmMismatch(a, b) => {
+            AlgorithmMismatch(a, b) => {
                 write!(f, "Expected algorithm type {:?} but found {:?}", a, b)
             }
-            Error::NoKeyId => write!(f, "No key id found"),
-            Error::NoKeyWithKeyId(ref kid) => write!(f, "Key with key id {} not found", kid),
-            Error::Format => write!(f, "Format"),
-            Error::Base64(ref x) => write!(f, "{}", x),
-            Error::Json(ref x) => write!(f, "{}", x),
-            Error::Utf8(ref x) => write!(f, "{}", x),
-            Error::RustCryptoMac(ref x) => write!(f, "{}", x),
-            Error::RustCryptoMacKeyLength(ref x) => write!(f, "{}", x),
+            NoKeyId => write!(f, "No key id found"),
+            NoKeyWithKeyId(ref kid) => write!(f, "Key with key id {} not found", kid),
+            NoHeaderComponent => write!(f, "No header component found in token string"),
+            NoClaimsComponent => write!(f, "No claims component found in token string"),
+            NoSignatureComponent => write!(f, "No signature component found in token string"),
+            TooManyComponents => write!(f, "Too many components found in token string"),
+            Format => write!(f, "Format"),
+            Base64(ref x) => write!(f, "{}", x),
+            Json(ref x) => write!(f, "{}", x),
+            Utf8(ref x) => write!(f, "{}", x),
+            RustCryptoMac(ref x) => write!(f, "{}", x),
+            RustCryptoMacKeyLength(ref x) => write!(f, "{}", x),
             #[cfg(feature = "openssl")]
-            Error::OpenSsl(ref x) => write!(f, "{}", x),
+            OpenSsl(ref x) => write!(f, "{}", x),
         }
     }
 }
@@ -50,10 +59,10 @@ macro_rules! error_wrap {
     };
 }
 
-error_wrap!(DecodeError, Error::Base64);
-error_wrap!(JsonError, Error::Json);
-error_wrap!(FromUtf8Error, Error::Utf8);
-error_wrap!(MacError, Error::RustCryptoMac);
-error_wrap!(InvalidKeyLength, Error::RustCryptoMacKeyLength);
+error_wrap!(DecodeError, Base64);
+error_wrap!(JsonError, Json);
+error_wrap!(FromUtf8Error, Utf8);
+error_wrap!(MacError, RustCryptoMac);
+error_wrap!(InvalidKeyLength, RustCryptoMacKeyLength);
 #[cfg(feature = "openssl")]
 error_wrap!(openssl::error::ErrorStack, Error::OpenSsl);
diff --git a/src/token/verified.rs b/src/token/verified.rs
@@ -131,9 +131,13 @@ impl<'a, H: FromBase64, C: FromBase64> Token<H, C, Unverified<'a>> {
 
 pub(crate) fn split_components(token: &str) -> Result<[&str; 3], Error> {
     let mut components = token.split(SEPARATOR);
-    let header = components.next().ok_or(Error::Format)?;
-    let claims = components.next().ok_or(Error::Format)?;
-    let signature = components.next().ok_or(Error::Format)?;
+    let header = components.next().ok_or(Error::NoHeaderComponent)?;
+    let claims = components.next().ok_or(Error::NoClaimsComponent)?;
+    let signature = components.next().ok_or(Error::NoSignatureComponent)?;
+
+    if components.next().is_some() {
+        return Err(Error::TooManyComponents);
+    }
 
     Ok([header, claims, signature])
 }
@@ -142,7 +146,7 @@ pub(crate) fn split_components(token: &str) -> Result<[&str; 3], Error> {
 mod tests {
     use crate::algorithm::VerifyingAlgorithm;
     use crate::error::Error;
-    use crate::token::verified::VerifyWithStore;
+    use crate::token::verified::{VerifyWithKey, VerifyWithStore};
     use hmac::{Hmac, NewMac};
     use sha2::{Sha256, Sha512};
     use std::collections::BTreeMap;
@@ -152,6 +156,32 @@ mod tests {
         name: String,
     }
 
+    #[test]
+    pub fn component_errors() {
+        let key: Hmac<Sha256> = Hmac::new_varkey(b"first").unwrap();
+
+        let no_claims = "header";
+        match VerifyWithKey::<String>::verify_with_key(no_claims, &key) {
+            Err(Error::NoClaimsComponent) => (),
+            Ok(s) => panic!("Verify should not have succeeded with output {:?}", s),
+            x => panic!("Incorrect error type {:?}", x),
+        }
+
+        let no_signature = "header.claims";
+        match VerifyWithKey::<String>::verify_with_key(no_signature, &key) {
+            Err(Error::NoSignatureComponent) => (),
+            Ok(s) => panic!("Verify should not have succeeded with output {:?}", s),
+            x => panic!("Incorrect error type {:?}", x),
+        }
+
+        let too_many = "header.claims.signature.";
+        match VerifyWithKey::<String>::verify_with_key(too_many, &key) {
+            Err(Error::TooManyComponents) => (),
+            Ok(s) => panic!("Verify should not have succeeded with output {:?}", s),
+            x => panic!("Incorrect error type {:?}", x),
+        }
+    }
+
     #[test]
     pub fn verify_claims_with_store() -> Result<(), Error> {
         let mut key_store = BTreeMap::new();