breaking change: Add GetRefreshTokenInfo() to op.Storage

David Sharnoff 2023-02-28 15:49:24 -08:00 committed by Tim Möhlmann
parent f3eae0f329
commit f447b9b6d4
8 changed files with 59 additions and 14 deletions


@ -327,6 +327,16 @@ func (s *Storage) TerminateSession(ctx context.Context, userID string, clientID
return nil
}
// GetRefreshTokenInfo looks up a refresh token and returns the token id and user id.
// If given something that is not a refresh token, it must return error.
func (s *Storage) GetRefreshTokenInfo(ctx context.Context, clientID string, token string) (userID string, tokenID string, err error) {
refreshToken, ok := s.refreshTokens[token]
if !ok {
return "", "", op.ErrInvalidRefreshToken
}
return refreshToken.UserID, refreshToken.ID, nil
}
// RevokeToken implements the op.Storage interface
// it will be called after parsing and validation of the token revocation request
func (s *Storage) RevokeToken(ctx context.Context, tokenIDOrToken string, userID string, clientID string) *oidc.Error {
@ -384,7 +394,7 @@ func (s *Storage) KeySet(ctx context.Context) ([]op.Key, error) {
// so it will directly use its public key
//
// when using key rotation you typically would store the public keys alongside the private keys in your database
//and give both of them an expiration date, with the public key having a longer lifetime
// and give both of them an expiration date, with the public key having a longer lifetime
return []op.Key{&publicKey{s.signingKey}}, nil
}
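Review bot: The added `Storage.GetRefreshTokenInfo` accepts `clientID` but never uses it, so the lookup `s.refreshTokens[token]` returns the user id and token id to any client that presents a known refresh token string. If the token-to-client binding is enforced later (possibly in `RevokeToken`, whose body lies outside this hunk), the doc comment should say so, e.g. `// clientID is not verified here; the caller must still check that the token was issued to this client.`; otherwise compare the stored token's client with `clientID` and return `op.ErrInvalidRefreshToken` on a mismatch. The comment also says only "it must return error"; naming the sentinel, `// If given something that is not a refresh token, it must return op.ErrInvalidRefreshToken.`, would tell implementers of the interface which error to return. The same wording is repeated on `multiStorage.GetRefreshTokenInfo` in the next file section.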


@ -126,6 +126,16 @@ func (s *multiStorage) TerminateSession(ctx context.Context, userID string, clie
return storage.TerminateSession(ctx, userID, clientID)
}
// GetRefreshTokenInfo looks up a refresh token and returns the token id and user id.
// If given something that is not a refresh token, it must return error.
func (s *multiStorage) GetRefreshTokenInfo(ctx context.Context, clientID string, token string) (userID string, tokenID string, err error) {
storage, err := s.storageFromContext(ctx)
if err != nil {
return "", "", err
}
return storage.GetRefreshTokenInfo(ctx, clientID, token)
}
// RevokeToken implements the op.Storage interface
// it will be called after parsing and validation of the token revocation request
func (s *multiStorage) RevokeToken(ctx context.Context, token string, userID string, clientID string) *oidc.Error {