sasl_error.rs

 1use ns;
 2use minidom::Element;
 3use util::FromElement;
 4
 5#[derive(Clone, Debug)]
 6pub enum Condition {
 7    Aborted,
 8    AccountDisabled,
 9    CredentialsExpired,
10    EncryptionRequired,
11    IncorrectEncoding,
12    InvalidAuthzid,
13    InvalidMechanism,
14    MalformedRequest,
15    MechanismTooWeak,
16    NotAuthorized,
17    TemporaryAuthFailure,
18    Unknown,
19}
20
21#[derive(Clone, Debug)]
22pub struct SaslError {
23    condition: Condition,
24    text: Option<String>,
25}
26
27impl FromElement for SaslError {
28    type Err = ();
29
30    fn from_element(element: &Element) -> Result<SaslError, ()> {
31        if !element.is("failure", ns::SASL) {
32            return Err(());
33        }
34        let mut err = SaslError {
35            condition: Condition::Unknown,
36            text: None,
37        };
38        if let Some(text) = element.get_child("text", ns::SASL) {
39            let desc = text.text();
40            err.text = Some(desc);
41        }
42        if element.has_child("aborted", ns::SASL) {
43            err.condition = Condition::Aborted;
44        }
45        else if element.has_child("account-disabled", ns::SASL) {
46            err.condition = Condition::AccountDisabled;
47        }
48        else if element.has_child("credentials-expired", ns::SASL) {
49            err.condition = Condition::CredentialsExpired;
50        }
51        else if element.has_child("encryption-required", ns::SASL) {
52            err.condition = Condition::EncryptionRequired;
53        }
54        else if element.has_child("incorrect-encoding", ns::SASL) {
55            err.condition = Condition::IncorrectEncoding;
56        }
57        else if element.has_child("invalid-authzid", ns::SASL) {
58            err.condition = Condition::InvalidAuthzid;
59        }
60        else if element.has_child("malformed-request", ns::SASL) {
61            err.condition = Condition::MalformedRequest;
62        }
63        else if element.has_child("mechanism-too-weak", ns::SASL) {
64            err.condition = Condition::MechanismTooWeak;
65        }
66        else if element.has_child("not-authorized", ns::SASL) {
67            err.condition = Condition::NotAuthorized;
68        }
69        else if element.has_child("temporary-auth-failure", ns::SASL) {
70            err.condition = Condition::TemporaryAuthFailure;
71        }
72        else {
73            /* RFC 6120 section 6.5:
74             *
75             * However, because additional error conditions might be defined in
76             * the future, if an entity receives a SASL error condition that it
77             * does not understand then it MUST treat the unknown condition as
78             * a generic authentication failure, i.e., as equivalent to
79             * <not-authorized/> (Section 6.5.10). */
80            err.condition = Condition::NotAuthorized;
81        }
82        Ok(err)
83    }
84}