Documentation ¶
Index ¶
- type Storage
- func (s Storage) ClientAssertionJWTValid(ctx context.Context, jti string) error
- func (s Storage) CreateAccessTokenSession(ctx context.Context, signature string, request fosite.Requester) (err error)
- func (s Storage) CreateAuthorizeCodeSession(ctx context.Context, code string, request fosite.Requester) (err error)
- func (s Storage) CreateRefreshTokenSession(ctx context.Context, signature string, request fosite.Requester) (err error)
- func (s Storage) DeleteAccessTokenSession(ctx context.Context, signature string) (err error)
- func (s Storage) DeleteRefreshTokenSession(ctx context.Context, signature string) (err error)
- func (s Storage) GetAccessTokenSession(ctx context.Context, signature string, session fosite.Session) (request fosite.Requester, err error)
- func (s Storage) GetAuthorizeCodeSession(ctx context.Context, code string, session fosite.Session) (request fosite.Requester, err error)
- func (s Storage) GetClient(ctx context.Context, id string) (fosite.Client, error)
- func (s Storage) GetRefreshTokenSession(ctx context.Context, signature string, session fosite.Session) (request fosite.Requester, err error)
- func (s Storage) InvalidateAuthorizeCodeSession(ctx context.Context, code string) (err error)
- func (s Storage) RevokeAccessToken(ctx context.Context, requestID string) error
- func (s Storage) RevokeRefreshToken(ctx context.Context, requestID string) error
- func (s Storage) RevokeRefreshTokenMaybeGracePeriod(ctx context.Context, requestID string, signature string) error
- func (s Storage) SetClientAssertionJWT(ctx context.Context, jti string, exp time.Time) error
Types ¶
type Storage ¶
type Storage struct { Update infrastructure.Update Query infrastructure.Query Create infrastructure.Create Delete infrastructure.Delete }
Storage represents the OAuth storage implementation used with fosite.
func NewFositeStorage ¶
func NewFositeStorage( create infrastructure.Create, update infrastructure.Update, query infrastructure.Query, delete infrastructure.Delete, ) Storage
func (Storage) ClientAssertionJWTValid ¶
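ClientAssertionJWTValid returns an error if the JTI is known or the DB check failed, and nil if the JTI is not known. A known JTI means the client assertion has been seen before, so this error is what rejects a replayed assertion.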
func (Storage) CreateAccessTokenSession ¶
func (Storage) CreateAuthorizeCodeSession ¶
func (s Storage) CreateAuthorizeCodeSession(ctx context.Context, code string, request fosite.Requester) (err error)
CreateAuthorizeCodeSession stores the authorization request for a given authorization code.
func (Storage) CreateRefreshTokenSession ¶
func (Storage) DeleteAccessTokenSession ¶
func (Storage) DeleteRefreshTokenSession ¶
func (Storage) GetAccessTokenSession ¶
func (Storage) GetAuthorizeCodeSession ¶
func (s Storage) GetAuthorizeCodeSession(ctx context.Context, code string, session fosite.Session) (request fosite.Requester, err error)
GetAuthorizeCodeSession hydrates the session based on the given code and returns the authorization request. If the authorization code has been invalidated with `InvalidateAuthorizeCodeSession`, this method should return the ErrInvalidatedAuthorizeCode error.
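Make sure to also return the fosite.Requester value when returning the fosite.ErrInvalidatedAuthorizeCode error! The caller needs the original request in that case to identify and revoke the tokens already issued for the reused code.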
func (Storage) GetClient ¶
GetClient loads the client by its ID or returns an error if the client does not exist or another error occurred.
func (Storage) GetRefreshTokenSession ¶
func (Storage) InvalidateAuthorizeCodeSession ¶
InvalidateAuthorizeCodeSession is called when an authorize code is being used. The state of the authorization code should be set to invalid, and subsequent requests to GetAuthorizeCodeSession should return the ErrInvalidatedAuthorizeCode error.
func (Storage) RevokeAccessToken ¶
func (Storage) RevokeRefreshToken ¶
RevokeRefreshToken revokes a refresh token as specified in https://tools.ietf.org/html/rfc7009#section-2.1: "If the particular token is a refresh token and the authorization server supports the revocation of access tokens, then the authorization server SHOULD also invalidate all access tokens based on the same authorization grant (see Implementation Note)."
func (Storage) RevokeRefreshTokenMaybeGracePeriod ¶
func (s Storage) RevokeRefreshTokenMaybeGracePeriod(ctx context.Context, requestID string, signature string) error
RevokeRefreshTokenMaybeGracePeriod revokes a refresh token as specified in https://tools.ietf.org/html/rfc7009#section-2.1: "If the particular token is a refresh token and the authorization server supports the revocation of access tokens, then the authorization server SHOULD also invalidate all access tokens based on the same authorization grant (see Implementation Note)."
If the refresh token grace period configured is greater than zero, the token is not revoked immediately; instead its expiration time is set to UTCNow + GracePeriod.
func (Storage) SetClientAssertionJWT ¶
SetClientAssertionJWT marks a JTI as known for the given expiry time. Before inserting the new JTI, it will clean up any existing JTIs that have expired as those tokens cannot be replayed due to the expiry.