Add error handling for over sso seat limits

zeroidc/build.rs

@@ -34,4 +34,4 @@ fn target_dir() -> PathBuf {
     } else {
         PathBuf::from(env::var("CARGO_MANIFEST_DIR").unwrap()).join("target")
     }
-}
+}

zeroidc/src/error.rs

@@ -21,3 +21,17 @@ pub enum ZeroIDCError
     #[error(transparent)]
     ParseError(#[from] url::ParseError),
 }
+
+#[derive(Error, Debug)]
+#[error("SSO Exchange Error: {message:}")]
+pub struct SSOExchangeError {
+    message: String,
+}
+
+impl SSOExchangeError {
+    pub fn new(message: String) -> Self {
+        SSOExchangeError{
+            message
+        }
+    }
+}

zeroidc/src/ext.rs

@@ -267,9 +267,19 @@ pub extern "C" fn zeroidc_token_exchange(idc: *mut ZeroIDC, code: *const c_char
 
     let code = unsafe{CStr::from_ptr(code)}.to_str().unwrap();
 
-    let ret = idc.do_token_exchange( code);
-    let ret = CString::new(ret).unwrap();
-    return ret.into_raw();
+    let ret = idc.do_token_exchange(code);
+    match ret {
+        Ok(ret) => {
+            let ret = CString::new(ret).unwrap();
+            return ret.into_raw();
+
+        },
+        Err(e) => {
+            let errstr = format!("{{\"message\":\"{}\"\"}}", e).to_string();
+            let ret = CString::new(errstr).unwrap();
+            return ret.into_raw();
+        }
+    }
 }
 
 #[no_mangle]
@@ -338,4 +348,4 @@ pub extern "C" fn zeroidc_kick_refresh_thread(idc: *mut ZeroIDC) {
     };
 
     idc.kick_refresh_thread();
-}
+}

zeroidc/src/lib.rs

@@ -19,7 +19,7 @@ extern crate openidconnect;
 extern crate time;
 extern crate url;
 
-use crate::error::ZeroIDCError;
+use crate::error::*;
 
 use bytes::Bytes;
 use jwt::{Token};
@@ -415,7 +415,7 @@ impl ZeroIDC {
         }
     }
 
-    pub fn do_token_exchange(&mut self, code: &str) -> String {
+    pub fn do_token_exchange(&mut self, code: &str) -> Result<String, SSOExchangeError> {
         let local = Arc::clone(&self.inner);
         let mut should_start = false;
         let res = (*local.lock().unwrap()).as_opt().map(|i| {
@@ -530,7 +530,7 @@ impl ZeroIDC {
                                             println!("Set exp time to: {:?}", i.exp_time);
                                         },
                                         None => {
-                                            panic!("expiration is None.  This shouldn't happen")
+                                            panic!("expiration is None.  This shouldn't happen");
                                         }
                                     }
                                 } 
@@ -558,30 +558,38 @@ impl ZeroIDC {
                                     Err(_) => "".to_string(),
                                 };
 
-                                return bytes;
+                                return Ok(bytes);
                             },
                             Err(res) => {
+                                println!("error result: {}", res);
                                 println!("hit url: {}", res.url().unwrap().as_str());
                                 println!("Status: {}", res.status().unwrap());
                                 println!("Post error: {}", res.to_string());
                                 i.exp_time = 0;
+                                return Err(SSOExchangeError::new("error from central endpoint".to_string()));
                             }
                         }
-
-                        
                     } else {
-                        println!("invalid split length?!?");
+                        return Err(SSOExchangeError::new("error splitting state token".to_string()));
                     }
+                } else {
+                    return Err(SSOExchangeError::new("invalid token response".to_string()));
                 }
+            } else {
+                return Err(SSOExchangeError::new("invalid pkce verifier".to_string()));
             }
-            "".to_string()
+
         });
         if should_start {
             self.start();
         }
-        return match res {
-            Some(res) => res,
-            _ => "".to_string(),
+        match res {
+            Some(res) => {
+                return res;
+            },
+            _ => {
+                return Err(SSOExchangeError::new("invalid result".to_string()));
+            },
         };
     }
 }