properly set expires in storage
This commit is contained in:
Tim Möhlmann
parent
768a1355d9
commit
0f9ec46aaa
3 changed files with 10 additions and 5 deletions
|
|
@ -77,7 +77,9 @@ func DeviceAuthorization(w http.ResponseWriter, r *http.Request, o OpenIDProvide
|
|||
RequestError(w, r, err)
|
||||
return
|
||||
}
|
||||
err = storage.StoreDeviceAuthorization(r.Context(), req.ClientID, deviceCode, userCode, req.Scopes)
|
||||
|
||||
expires := time.Now().Add(time.Duration(config.Lifetime) * time.Second)
|
||||
err = storage.StoreDeviceAuthorization(r.Context(), req.ClientID, deviceCode, userCode, expires, req.Scopes)
|
||||
if err != nil {
|
||||
RequestError(w, r, err)
|
||||
return
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@ const (
|
|||
defaultEndSessionEndpoint = "end_session"
|
||||
defaultKeysEndpoint = "keys"
|
||||
defaultDeviceAuthzEndpoint = "/device_authorization"
|
||||
defaultUserCodeFormEndpoint = "/device"
|
||||
defaultUserCodeFormEndpoint = "/submit_user_code"
|
||||
)
|
||||
|
||||
var (
|
||||
|
|
@ -124,6 +124,7 @@ type Config struct {
|
|||
GrantTypeRefreshToken bool
|
||||
RequestObjectSupported bool
|
||||
SupportedUILocales []language.Tag
|
||||
DeviceAuthorization DeviceAuthorizationConfig
|
||||
}
|
||||
|
||||
type endpoints struct {
|
||||
|
|
@ -153,6 +154,7 @@ type endpoints struct {
|
|||
// /revoke
|
||||
// /end_session
|
||||
// /keys
|
||||
// /device_authorization
|
||||
//
|
||||
// This does not include login. Login is handled with a redirect that includes the
|
||||
// request ID. The redirect for logins is specified per-client by Client.LoginURL().
|
||||
|
|
@ -292,7 +294,8 @@ func (o *Provider) GrantTypeJWTAuthorizationSupported() bool {
|
|||
}
|
||||
|
||||
func (o *Provider) GrantTypeDeviceCodeSupported() bool {
|
||||
return true
|
||||
_, ok := o.storage.(DeviceAuthorizationStorage)
|
||||
return ok
|
||||
}
|
||||
|
||||
func (o *Provider) IntrospectionAuthMethodPrivateKeyJWTSupported() bool {
|
||||
|
|
@ -329,7 +332,7 @@ func (o *Provider) SupportedUILocales() []language.Tag {
|
|||
}
|
||||
|
||||
func (o *Provider) DeviceAuthorization() DeviceAuthorizationConfig {
|
||||
return DeviceAuthorizationConfig{}
|
||||
return o.config.DeviceAuthorization
|
||||
}
|
||||
|
||||
func (o *Provider) Storage() Storage {
|
||||
|
|
|
|||
|
|
@ -171,7 +171,7 @@ type DeviceAuthorizationStorage interface {
|
|||
// database, the change for collisions increases. Therefore implementers
|
||||
// of this interface must make sure that user codes of expired authentication flows are purged,
|
||||
// after some time.
|
||||
StoreDeviceAuthorization(ctx context.Context, clientID, deviceCode, userCode string, scopes []string) error
|
||||
StoreDeviceAuthorization(ctx context.Context, clientID, deviceCode, userCode string, expires time.Time, scopes []string) error
|
||||
|
||||
// GetDeviceAuthorizatonState returns the current state of the device authorization flow in the database.
|
||||
// The method is polled untill the the authorization is eighter Completed, Expired or Denied.
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue