Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func HashRefreshToken ¶
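HashRefreshToken creates a SHA-256 hash of a refresh token. The RefreshTokenRepository methods on this page take a tokenHash rather than the token itself, so this hash is presumably what gets stored and looked up. A plain, unsalted SHA-256 is adequate for that only when the refresh token is a long random value.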
func NewJWTService ¶
// NewJWTService builds a services.JWTService from a logger, the session and
// core token services, this package's key, cache and blacklist services, and
// two durations.
// NOTE(review): expiresIn and refreshExpiresIn are presumably the access-token
// and refresh-token lifetimes — confirm. If so, expiresIn is also the longest a
// revoked access token stays usable should its blacklist entry be lost.
func NewJWTService( logger models.Logger, sessionService services.SessionService, coreTokenService services.TokenService, keyService KeyService, cacheService CacheService, blacklistService BlacklistService, expiresIn time.Duration, refreshExpiresIn time.Duration, ) services.JWTService
Types ¶
type BlacklistService ¶
// BlacklistService is the revocation list for issued tokens, keyed by jti
// (presumably the JWT ID claim — confirm). Only the method set is visible
// here; the notes below are inferred from names and signatures and should be
// checked against the implementation.
type BlacklistService interface {
	// BlacklistToken records jti as revoked.
	// NOTE(review): expiresAt is presumably the token's own expiry, so the
	// entry can be dropped once the token is no longer valid — confirm.
	BlacklistToken(ctx context.Context, jti string, expiresAt time.Time) error
	// IsBlacklisted reports whether jti has been revoked.
	// NOTE(review): on a validation path a non-nil error should be treated as
	// "reject" (fail closed), not as "not blacklisted"; otherwise a storage
	// outage silently re-enables revoked tokens.
	IsBlacklisted(ctx context.Context, jti string) (bool, error)
	// BlacklistAllSessionTokens revokes by session rather than by single jti.
	// How the tokens of a session are identified is not visible here.
	BlacklistAllSessionTokens(ctx context.Context, sessionID string, expiresAt time.Time) error
	// CleanupExpired presumably removes entries whose expiry has passed — confirm.
	CleanupExpired(ctx context.Context) error
}
func NewBlacklistService ¶
// NewBlacklistService builds a BlacklistService on top of storage.
// NOTE(review): revocation is only as durable as models.SecondaryStorage. If
// that backend can evict or lose entries, a revoked token becomes acceptable
// again until it expires — confirm the backend's retention guarantees.
func NewBlacklistService(storage models.SecondaryStorage, logger models.Logger) BlacklistService
NewBlacklistService creates a new blacklist service
type CacheService ¶
// CacheService reads, caches and invalidates the JWKS (a jwk.Set). Only the
// method set is visible here; the notes below are inferred from names and
// signatures.
// NOTE(review): if the returned set is ever served to token verifiers, confirm
// that it holds public key material only.
type CacheService interface {
	// GetCachedJWKS returns the key set from the cache.
	// What is returned on a cache miss is not visible here.
	GetCachedJWKS(ctx context.Context) (jwk.Set, error)
	// FetchJWKSFromDatabase returns the key set from the database, presumably
	// bypassing the cache — confirm.
	FetchJWKSFromDatabase(ctx context.Context) (jwk.Set, error)
	// CacheJWKS stores set in the cache.
	CacheJWKS(ctx context.Context, set jwk.Set) error
	// InvalidateCache drops the cached key set. Its signature matches the
	// invalidateCacheFunc parameter of KeyService.RotateKeysIfNeeded.
	InvalidateCache(ctx context.Context) error
	// GetJWKSWithFallback presumably tries the cache first and falls back to
	// the database — confirm the order and whether the result is re-cached.
	GetJWKSWithFallback(ctx context.Context) (jwk.Set, error)
}
func NewCacheService ¶
// NewCacheService builds a CacheService from a JWKS repository, a secondary
// storage backend, a logger and a cache TTL.
// NOTE(review): cacheTTL presumably bounds how long a cached key set is
// served. If so, a rotated-out key keeps being served for up to that long
// unless InvalidateCache is called — confirm.
func NewCacheService(repo repositories.JWKSRepository, secondaryStorage models.SecondaryStorage, logger models.Logger, cacheTTL time.Duration) CacheService
type KeyService ¶
// KeyService manages the signing keys: creation, lookup of the active key and
// rotation. Only the method set is visible here; notes marked NOTE(review) are
// inferred and should be confirmed against the implementation.
type KeyService interface {
	// GenerateKeysIfMissing presumably creates a key when none exists and is a
	// no-op otherwise — confirm.
	GenerateKeysIfMissing(ctx context.Context) error
	// GetActiveKey returns the currently active key record.
	// NOTE(review): whether *types.JWKS carries private key material, and in
	// what form, is not visible here; treat the value as sensitive until confirmed.
	GetActiveKey(ctx context.Context) (*types.JWKS, error)
	// IsKeyRotationDue reports whether rotation is due for rotationInterval.
	// It returns only a bool, so a lookup failure cannot be told apart from an
	// answer; which value a failure maps to is not visible here.
	IsKeyRotationDue(ctx context.Context, rotationInterval time.Duration) bool
	// RotateKeysIfNeeded rotates keys if they are past the rotation interval.
	// gracePeriod specifies how long old keys remain valid after rotation.
	// It returns true if rotation occurred, false otherwise.
	// NOTE(review): during gracePeriod a token signed with the old key still
	// verifies, so the period should not exceed what outstanding tokens need.
	// invalidateCacheFunc is presumably called after a rotation; how its error
	// affects the result is not visible here.
	RotateKeysIfNeeded(ctx context.Context, rotationInterval time.Duration, gracePeriod time.Duration, invalidateCacheFunc func(context.Context) error) (bool, error)
}
func NewKeyService ¶
// NewKeyService builds a KeyService from a JWKS repository, a logger, a token
// service and a secret.
// NOTE(review): what secret protects is not visible here (possibly the stored
// private keys — confirm). It arrives as a plain string, so the caller should
// load it from a secret store and keep it out of logs and error messages.
func NewKeyService(repo repositories.JWKSRepository, logger models.Logger, tokenService coreservices.TokenService, secret string) KeyService
type RefreshTokenRepository ¶
// RefreshTokenRepository persists refresh-token records. Lookups and
// revocations are keyed by tokenHash, not by the token itself. Only the method
// set is visible here; notes marked NOTE(review) are inferred.
type RefreshTokenRepository interface {
	// StoreRefreshToken persists record.
	// NOTE(review): the record should carry the token's hash and never the raw
	// token — confirm against the fields of types.RefreshToken.
	StoreRefreshToken(ctx context.Context, record *types.RefreshToken) error
	// GetRefreshToken returns the record stored under tokenHash.
	// What is returned when no record exists is not visible here.
	GetRefreshToken(ctx context.Context, tokenHash string) (*types.RefreshToken, error)
	// RevokeRefreshToken revokes the single record stored under tokenHash.
	RevokeRefreshToken(ctx context.Context, tokenHash string) error
	// RevokeAllSessionTokens revokes every record belonging to sessionID.
	RevokeAllSessionTokens(ctx context.Context, sessionID string) error
	// SetLastReuseAttempt presumably records that an already-used token was
	// presented again — confirm. Such an event is worth alerting on, since it
	// can indicate a stolen refresh token.
	SetLastReuseAttempt(ctx context.Context, tokenHash string) error
	// CleanupExpiredTokens presumably deletes records past their expiry — confirm.
	CleanupExpiredTokens(ctx context.Context) error
}
type RefreshTokenService ¶
// RefreshTokenService exchanges a refresh token for a new token response and
// registers the first refresh token of a session. Both methods receive the raw
// token, so implementations and callers should keep it out of logs and errors.
type RefreshTokenService interface {
	// RefreshTokens takes a raw refresh token and returns a
	// *types.RefreshTokenResponse.
	// NOTE(review): whether the presented token is revoked and replaced on each
	// call (rotation) is not visible here — confirm.
	RefreshTokens(ctx context.Context, refreshToken string) (*types.RefreshTokenResponse, error)
	// StoreInitialRefreshToken registers refreshToken for sessionID with the
	// given expiry. NOTE(review): presumably it is hashed before storage, as
	// RefreshTokenRepository is keyed by tokenHash — confirm.
	StoreInitialRefreshToken(ctx context.Context, refreshToken string, sessionID string, expiresAt time.Time) error
}
func NewRefreshTokenService ¶
// NewRefreshTokenService builds a RefreshTokenService from a logger, an event
// bus, a session service, a token service, a RefreshTokenRepository and two
// durations.
// NOTE(review): the meaning of gracePeriod is not visible here. If it is a
// window in which an already-rotated refresh token is still accepted, keep it
// short, because a stolen token can be replayed within the same window.
func NewRefreshTokenService( logger models.Logger, eventBus models.EventBus, sessionService coreservices.SessionService, jwtService TokenService, storage RefreshTokenRepository, gracePeriod time.Duration, refreshExpiresIn time.Duration, ) RefreshTokenService