Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type JWKS ¶
type JWKS struct {
bun.BaseModel `bun:"table:jwks"`
ID string `json:"id" bun:"column:id,pk"`
PublicKey string `json:"public_key" bun:"column:public_key"`
PrivateKey string `json:"private_key" bun:"column:private_key"`
ExpiresAt *time.Time `json:"expires_at" bun:"column:expires_at"`
CreatedAt time.Time `json:"created_at" bun:"column:created_at,default:current_timestamp"`
}
type JWTPluginConfig ¶
type JWTPluginConfig struct {
Enabled bool `json:"enabled" toml:"enabled"`
KeyRotationInterval time.Duration `json:"key_rotation_interval" toml:"key_rotation_interval"` // Default: 30 days
KeyRotationGracePeriod time.Duration `json:"key_rotation_grace_period" toml:"key_rotation_grace_period"` // Grace period for old key validity after rotation, default: 1 hour
ExpiresIn time.Duration `json:"expires_in" toml:"expires_in"` // Access token TTL
RefreshExpiresIn time.Duration `json:"refresh_expires_in" toml:"refresh_expires_in"` // Refresh token TTL
JWKSCacheTTL time.Duration `json:"jwks_cache_ttl" toml:"jwks_cache_ttl"` // Cache TTL for JWKS, default 24 hours
RefreshGracePeriod time.Duration `json:"refresh_grace_period" toml:"refresh_grace_period"` // Grace period for refresh token reuse, default 10s
}
func (*JWTPluginConfig) ApplyDefaults ¶
func (c *JWTPluginConfig) ApplyDefaults()
type JWTTokenType ¶
type JWTTokenType string
const ( JWTTokenTypeAccess JWTTokenType = "access_token" JWTTokenTypeRefresh JWTTokenType = "refresh_token" )
func (JWTTokenType) String ¶
func (t JWTTokenType) String() string
type RefreshToken ¶
type RefreshToken struct {
bun.BaseModel `bun:"table:refresh_tokens"`
ID string `json:"id" bun:"column:id,pk"`
SessionID string `json:"session_id" bun:"column:session_id"`
TokenHash string `json:"token_hash" bun:"column:token_hash"`
ExpiresAt time.Time `json:"expires_at" bun:"column:expires_at"`
IsRevoked bool `json:"is_revoked" bun:"column:is_revoked"`
RevokedAt *time.Time `json:"revoked_at" bun:"column:revoked_at"`
LastReuseAttempt *time.Time `json:"last_reuse_attempt" bun:"column:last_reuse_attempt"`
CreatedAt time.Time `json:"created_at" bun:"column:created_at,default:current_timestamp"`
}
type RefreshTokenRequest ¶ added in v1.7.0
type RefreshTokenRequest struct {
RefreshToken string `json:"refresh_token"`
}
func (*RefreshTokenRequest) Validate ¶ added in v1.7.0
func (r *RefreshTokenRequest) Validate() error
type RefreshTokenResponse ¶ added in v1.7.0
type TokenClaims ¶ added in v1.9.0
type TokenClaims struct {
Subject string `json:"sub"`
UserID string `json:"user_id,omitempty"`
SessionID string `json:"session_id,omitempty"`
TokenType string `json:"token_type"`
ActorType string `json:"actor_type,omitempty"`
OrganizationID string `json:"org_id,omitempty"`
Scopes []string `json:"scopes,omitempty"`
JTI string `json:"jti"`
IssuedAt int64 `json:"iat"`
Expiration int64 `json:"exp"`
}
Source Files
Click to show internal directories.
Click to hide internal directories.