diff options
Diffstat (limited to 'src/scm/webid-oidc/errors.scm')
-rw-r--r-- | src/scm/webid-oidc/errors.scm | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/src/scm/webid-oidc/errors.scm b/src/scm/webid-oidc/errors.scm index d494c7d..beccc35 100644 --- a/src/scm/webid-oidc/errors.scm +++ b/src/scm/webid-oidc/errors.scm @@ -401,6 +401,18 @@ &external-error '(value))) +(define-exception-type + &incorrect-ath-field + &external-error + make-incorrect-ath-field + incorrect-ath-field? + (value incorrect-ath-field-value)) + +(export &incorrect-ath-field + make-incorrect-ath-field + incorrect-ath-field? + incorrect-ath-field-value) + (define-public (raise-incorrect-htu-field value) (raise-exception ((record-constructor &incorrect-htu-field) value))) @@ -543,6 +555,20 @@ (raise-exception ((record-constructor &dpop-unconfirmed-key) key expected cause))) +(define-exception-type + &dpop-invalid-access-token-hash + &external-error + make-dpop-invalid-access-token-hash + dpop-invalid-access-token-hash? + (hash dpop-invalid-access-token-hash-hash) + (access-token dpop-invalid-access-token-hash-access-token)) + +(export &dpop-invalid-access-token-hash + make-dpop-invalid-access-token-hash + dpop-invalid-access-token-hash? + dpop-invalid-access-token-hash-hash + dpop-invalid-access-token-hash-access-token) + (define-public &jti-found (make-exception-type '&jti-found @@ -1227,6 +1253,11 @@ (if value (format #f (G_ "the htu field is incorrect: ~s") value) (format #f (G_ "the htu field is missing"))))) + ((&incorrect-ath-field) + (let ((value (get 'value))) + (if value + (format #f (G_ "the ath field is incorrect: ~s") value) + (format #f (G_ "the ath field is missing"))))) ((¬-an-access-token) (format #f (G_ "~s is not an access token (because ~a)") (get 'value) (recurse (get 'cause)))) @@ -1288,6 +1319,14 @@ (format #f (G_ "the key confirmation of ~s failed (because ~a)") key (recurse cause))) (else (format #f (G_ "the key confirmation of ~s failed") key))))) + ((&dpop-invalid-access-token-hash) + (let ((h (get 'hash)) + (at (get 'access-token))) + (if h + (format #f (G_ "the DPoP proof is bound to an access token with hash ~s, not ~s") + h at) + (format #f (G_ "the DPoP proof should be bound to the access token ~s") + at)))) ((&jti-found) (format #f (G_ "the jti ~s has already been found (because ~a)") (get 'jti) (recurse (get 'cause)))) |