cim/zitadel-oidc
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

review feedback

Browse source
This commit is contained in:
David Sharnoff 2022-07-20 16:55:21 -07:00
parent 1a96f056a4
commit e7c3144a6e
1 changed files with 18 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

25
pkg/op/storage.go
View file

@ -17,16 +17,27 @@ type AuthStorage interface {
DeleteAuthRequest(context.Context, string) error DeleteAuthRequest(context.Context, string) error
// The TokenRequest parameter of CreateAccessToken can be any of: // The TokenRequest parameter of CreateAccessToken can be any of:
// - TokenRequest as returned by ClientCredentialsStorage.ClientCredentialsTokenRequest //
// - RefreshTokenRequest as returned by AuthStorage.TokenRequestByRefreshToken // * TokenRequest as returned by ClientCredentialsStorage.ClientCredentialsTokenRequest,
// - AuthRequest as returned one of the AuthStorage methods above //
// - *oidc.JWTTokenRequest created by decoding a JWT // * RefreshTokenRequest as returned by AuthStorage.TokenRequestByRefreshToken
// (CreateAccessAndRefreshTokens will also be called)
//
// * AuthRequest as returned by AuthRequestByID or AuthRequestByCode (above)
//
// * *oidc.JWTTokenRequest from a JWT that is the assertion value of a JWT Profile
// Grant: https://datatracker.ietf.org/doc/html/rfc7523#section-2.1
CreateAccessToken(context.Context, TokenRequest) (accessTokenID string, expiration time.Time, err error) CreateAccessToken(context.Context, TokenRequest) (accessTokenID string, expiration time.Time, err error)
// The TokenRequest parameter of CreateAccessAndRefreshTokens can be any of: // The TokenRequest parameter of CreateAccessAndRefreshTokens can be any of:
// - TokenRequest as returned by ClientCredentialsStorage.ClientCredentialsTokenRequest //
// - RefreshTokenRequest as returned by AuthStorage.TokenRequestByRefreshToken // * TokenRequest as returned by ClientCredentialsStorage.ClientCredentialsTokenRequest
// - AuthRequest as returned one of the AuthStorage methods above //
// * RefreshTokenRequest as returned by AuthStorage.TokenRequestByRefreshToken
//
// * AuthRequest as by returned by the AuthRequestByID or AuthRequestByCode (above).
// Used for the authorization code flow which requested offline_access scope and
// registered the refresh_token grant type in advance
CreateAccessAndRefreshTokens(ctx context.Context, request TokenRequest, currentRefreshToken string) (accessTokenID string, newRefreshTokenID string, expiration time.Time, err error) CreateAccessAndRefreshTokens(ctx context.Context, request TokenRequest, currentRefreshToken string) (accessTokenID string, newRefreshTokenID string, expiration time.Time, err error)
TokenRequestByRefreshToken(ctx context.Context, refreshTokenID string) (RefreshTokenRequest, error) TokenRequestByRefreshToken(ctx context.Context, refreshTokenID string) (RefreshTokenRequest, error)