Exceptions

exceptions ¶

Exception hierarchy for adk-secure-sessions.

All library exceptions inherit from SecureSessionError to enable broad exception handling while keeping specific failure modes distinguishable in control flow.

Examples:

Catch all library errors:

from adk_secure_sessions.exceptions import SecureSessionError

try:
    await backend.decrypt(ciphertext)
except SecureSessionError:
    ...

Catch only decryption failures:

from adk_secure_sessions.exceptions import DecryptionError

try:
    await backend.decrypt(ciphertext)
except DecryptionError:
    ...

SecureSessionError ¶

Bases: Exception


              flowchart TD
              adk_secure_sessions.exceptions.SecureSessionError[SecureSessionError]

              

              click adk_secure_sessions.exceptions.SecureSessionError href "" "adk_secure_sessions.exceptions.SecureSessionError"

Base exception for all adk-secure-sessions errors.

All library-specific exceptions inherit from this class so callers can use a single except SecureSessionError clause to handle any failure originating from this package.

Examples:

Catch any library error regardless of type:

try:
    await backend.encrypt(plaintext)
except SecureSessionError:
    log.error("adk-secure-sessions operation failed")

Source code in src/adk_secure_sessions/exceptions.py

class SecureSessionError(Exception):
    """Base exception for all adk-secure-sessions errors.

    All library-specific exceptions inherit from this class so callers
    can use a single ``except SecureSessionError`` clause to handle any
    failure originating from this package.

    Examples:
        Catch any library error regardless of type:

        ```python
        try:
            await backend.encrypt(plaintext)
        except SecureSessionError:
            log.error("adk-secure-sessions operation failed")
        ```
    """

EncryptionError ¶

Bases: SecureSessionError, DontWrapMixin


              flowchart TD
              adk_secure_sessions.exceptions.EncryptionError[EncryptionError]
              adk_secure_sessions.exceptions.SecureSessionError[SecureSessionError]

                              adk_secure_sessions.exceptions.SecureSessionError --> adk_secure_sessions.exceptions.EncryptionError
                


              click adk_secure_sessions.exceptions.EncryptionError href "" "adk_secure_sessions.exceptions.EncryptionError"
              click adk_secure_sessions.exceptions.SecureSessionError href "" "adk_secure_sessions.exceptions.SecureSessionError"

Raised when encryption fails.

Inherits DontWrapMixin so SQLAlchemy propagates this directly instead of wrapping it in StatementError.

Possible causes include invalid plaintext input or backend-specific errors. Error messages intentionally exclude key material, plaintext, and ciphertext to prevent information leakage.

Examples:

Handle encryption failures specifically:

try:
    ciphertext = await backend.encrypt(plaintext)
except EncryptionError:
    log.error("Encryption failed")

Source code in src/adk_secure_sessions/exceptions.py

class EncryptionError(SecureSessionError, DontWrapMixin):
    """Raised when encryption fails.

    Inherits ``DontWrapMixin`` so SQLAlchemy propagates this directly
    instead of wrapping it in ``StatementError``.

    Possible causes include invalid plaintext input or backend-specific
    errors. Error messages intentionally exclude key material, plaintext,
    and ciphertext to prevent information leakage.

    Examples:
        Handle encryption failures specifically:

        ```python
        try:
            ciphertext = await backend.encrypt(plaintext)
        except EncryptionError:
            log.error("Encryption failed")
        ```
    """

DecryptionError ¶

Bases: SecureSessionError, DontWrapMixin


              flowchart TD
              adk_secure_sessions.exceptions.DecryptionError[DecryptionError]
              adk_secure_sessions.exceptions.SecureSessionError[SecureSessionError]

                              adk_secure_sessions.exceptions.SecureSessionError --> adk_secure_sessions.exceptions.DecryptionError
                


              click adk_secure_sessions.exceptions.DecryptionError href "" "adk_secure_sessions.exceptions.DecryptionError"
              click adk_secure_sessions.exceptions.SecureSessionError href "" "adk_secure_sessions.exceptions.SecureSessionError"

Raised when decryption fails.

Inherits DontWrapMixin so SQLAlchemy propagates this directly instead of wrapping it in StatementError.

Possible causes include a wrong key, tampered ciphertext, or malformed input. Error messages intentionally exclude key material, ciphertext, and plaintext to prevent information leakage.

Examples:

Handle decryption failures specifically:

try:
    plaintext = await backend.decrypt(ciphertext)
except DecryptionError:
    log.error("Decryption failed, check key")

Source code in src/adk_secure_sessions/exceptions.py

class DecryptionError(SecureSessionError, DontWrapMixin):
    """Raised when decryption fails.

    Inherits ``DontWrapMixin`` so SQLAlchemy propagates this directly
    instead of wrapping it in ``StatementError``.

    Possible causes include a wrong key, tampered ciphertext, or
    malformed input. Error messages intentionally exclude key material,
    ciphertext, and plaintext to prevent information leakage.

    Examples:
        Handle decryption failures specifically:

        ```python
        try:
            plaintext = await backend.decrypt(ciphertext)
        except DecryptionError:
            log.error("Decryption failed, check key")
        ```
    """

SerializationError ¶

Bases: SecureSessionError, DontWrapMixin


              flowchart TD
              adk_secure_sessions.exceptions.SerializationError[SerializationError]
              adk_secure_sessions.exceptions.SecureSessionError[SecureSessionError]

                              adk_secure_sessions.exceptions.SecureSessionError --> adk_secure_sessions.exceptions.SerializationError
                


              click adk_secure_sessions.exceptions.SerializationError href "" "adk_secure_sessions.exceptions.SerializationError"
              click adk_secure_sessions.exceptions.SecureSessionError href "" "adk_secure_sessions.exceptions.SecureSessionError"

Raised when data cannot be serialized to JSON.

Inherits DontWrapMixin so SQLAlchemy propagates this directly instead of wrapping it in StatementError.

This indicates a caller bug — the input contains types that are not JSON-serializable (e.g., datetime, custom objects). This is distinct from encryption/decryption failures which indicate configuration or data integrity issues.

Examples:

Handle serialization failures:

try:
    envelope = await encrypt_session(data, backend, backend_id)
except SerializationError:
    log.error("Data contains non-JSON-serializable values")

Source code in src/adk_secure_sessions/exceptions.py

class SerializationError(SecureSessionError, DontWrapMixin):
    """Raised when data cannot be serialized to JSON.

    Inherits ``DontWrapMixin`` so SQLAlchemy propagates this directly
    instead of wrapping it in ``StatementError``.

    This indicates a caller bug — the input contains types that are not
    JSON-serializable (e.g., ``datetime``, custom objects). This is
    distinct from encryption/decryption failures which indicate
    configuration or data integrity issues.

    Examples:
        Handle serialization failures:

        ```python
        try:
            envelope = await encrypt_session(data, backend, backend_id)
        except SerializationError:
            log.error("Data contains non-JSON-serializable values")
        ```
    """

ConfigurationError ¶

Bases: SecureSessionError


              flowchart TD
              adk_secure_sessions.exceptions.ConfigurationError[ConfigurationError]
              adk_secure_sessions.exceptions.SecureSessionError[SecureSessionError]

                              adk_secure_sessions.exceptions.SecureSessionError --> adk_secure_sessions.exceptions.ConfigurationError
                


              click adk_secure_sessions.exceptions.ConfigurationError href "" "adk_secure_sessions.exceptions.ConfigurationError"
              click adk_secure_sessions.exceptions.SecureSessionError href "" "adk_secure_sessions.exceptions.SecureSessionError"

Raised when the service is misconfigured at startup.

Covers invalid encryption keys, backends that do not conform to the EncryptionBackend protocol, invalid backend IDs, empty database paths, and database connection failures. Error messages never include key material or other sensitive data.

Examples:

Handle configuration failures at startup:

try:
    service = EncryptedSessionService(
        db_url="sqlite+aiosqlite:///sessions.db",
        backend=my_backend,
    )
except ConfigurationError as exc:
    log.error("Service misconfigured: %s", exc)

Source code in src/adk_secure_sessions/exceptions.py

class ConfigurationError(SecureSessionError):
    """Raised when the service is misconfigured at startup.

    Covers invalid encryption keys, backends that do not conform to the
    ``EncryptionBackend`` protocol, invalid backend IDs, empty database
    paths, and database connection failures. Error messages never include
    key material or other sensitive data.

    Examples:
        Handle configuration failures at startup:

        ```python
        try:
            service = EncryptedSessionService(
                db_url="sqlite+aiosqlite:///sessions.db",
                backend=my_backend,
            )
        except ConfigurationError as exc:
            log.error("Service misconfigured: %s", exc)
        ```
    """