device example

pkg/op/device.go

@@ -86,6 +86,8 @@ func DeviceAuthorization(w http.ResponseWriter, r *http.Request, o OpenIDProvide
 		DeviceCode:      deviceCode,
 		UserCode:        userCode,
 		VerificationURI: config.UserFormURL,
+		ExpiresIn:       int(config.Lifetime / time.Second),
+		Interval:        int(config.PollInterval / time.Second),
 	}
 
 	response.VerificationURIComplete = fmt.Sprintf("%s?user_code=%s", config.UserFormURL, userCode)
@@ -239,7 +241,7 @@ func CheckDeviceAuthorizationState(ctx context.Context, clientID, deviceCode str
 	if state.Denied {
 		return state, oidc.ErrAccessDenied()
 	}
-	if state.Completed {
+	if state.Done {
 		return state, nil
 	}
 	if time.Now().After(state.Expires) {

pkg/op/storage.go

@@ -155,11 +155,12 @@ type EndSessionRequest struct {
 var ErrDuplicateUserCode = errors.New("user code already exists")
 
 type DeviceAuthorizationState struct {
-	Scopes    []string
-	Expires   time.Time
-	Completed bool
-	Subject   string
-	Denied    bool
+	ClientID string
+	Scopes   []string
+	Expires  time.Time
+	Done     bool
+	Subject  string
+	Denied   bool
 }
 
 type DeviceAuthorizationStorage interface {
@@ -177,6 +178,10 @@ type DeviceAuthorizationStorage interface {
 	// The method is polled untill the the authorization is eighter Completed, Expired or Denied.
 	GetDeviceAuthorizatonState(ctx context.Context, clientID, deviceCode string) (*DeviceAuthorizationState, error)
 
+	// GetDeviceAuthorizationByUserCode resturn the current state of the device authorization flow,
+	// identified by the user code.
+	GetDeviceAuthorizationByUserCode(ctx context.Context, userCode string) (*DeviceAuthorizationState, error)
+
 	// CompleteDeviceAuthorization marks a device authorization entry as Completed,
 	// identified by userCode. The Subject is added to the state, so that
 	// GetDeviceAuthorizatonState can use it to create a new Access Token.