cim/zitadel-oidc
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

review feedback

Browse source
This commit is contained in:
David Sharnoff 2022-07-20 16:55:21 -07:00
parent 1a96f056a4
commit e7c3144a6e
1 changed files with 18 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

25
pkg/op/storage.go
View file

@ -17,16 +17,27 @@ type AuthStorage interface {
DeleteAuthRequest(context.Context, string) error
// The TokenRequest parameter of CreateAccessToken can be any of:
// - TokenRequest as returned by ClientCredentialsStorage.ClientCredentialsTokenRequest
// - RefreshTokenRequest as returned by AuthStorage.TokenRequestByRefreshToken
// - AuthRequest as returned one of the AuthStorage methods above
// - *oidc.JWTTokenRequest created by decoding a JWT
//
// * TokenRequest as returned by ClientCredentialsStorage.ClientCredentialsTokenRequest,
//
// * RefreshTokenRequest as returned by AuthStorage.TokenRequestByRefreshToken
// (CreateAccessAndRefreshTokens will also be called)
//
// * AuthRequest as returned by AuthRequestByID or AuthRequestByCode (above)
//
// * *oidc.JWTTokenRequest from a JWT that is the assertion value of a JWT Profile
// Grant: https://datatracker.ietf.org/doc/html/rfc7523#section-2.1
CreateAccessToken(context.Context, TokenRequest) (accessTokenID string, expiration time.Time, err error)
// The TokenRequest parameter of CreateAccessAndRefreshTokens can be any of:
// - TokenRequest as returned by ClientCredentialsStorage.ClientCredentialsTokenRequest
// - RefreshTokenRequest as returned by AuthStorage.TokenRequestByRefreshToken
// - AuthRequest as returned one of the AuthStorage methods above
//
// * TokenRequest as returned by ClientCredentialsStorage.ClientCredentialsTokenRequest
//
// * RefreshTokenRequest as returned by AuthStorage.TokenRequestByRefreshToken
//
// * AuthRequest as by returned by the AuthRequestByID or AuthRequestByCode (above).
// Used for the authorization code flow which requested offline_access scope and
// registered the refresh_token grant type in advance
CreateAccessAndRefreshTokens(ctx context.Context, request TokenRequest, currentRefreshToken string) (accessTokenID string, newRefreshTokenID string, expiration time.Time, err error)
TokenRequestByRefreshToken(ctx context.Context, refreshTokenID string) (RefreshTokenRequest, error)