▽

Package storage

func MaybeBeginTx ¶

func MaybeBeginTx(ctx context.Context, storage interface{}) (context.Context, error)

MaybeBeginTx is a helper function that can be used to initiate a transaction if the supplied storage implements the `Transactional` interface.

func MaybeCommitTx ¶

func MaybeCommitTx(ctx context.Context, storage interface{}) error

MaybeCommitTx is a helper function that can be used to commit a transaction if the supplied storage implements the `Transactional` interface.

func MaybeRollbackTx ¶

func MaybeRollbackTx(ctx context.Context, storage interface{}) error

MaybeRollbackTx is a helper function that can be used to rollback a transaction if the supplied storage implements the `Transactional` interface.

type IssuerPublicKeys ¶

type IssuerPublicKeys struct {
    Issuer    string
    KeysBySub map[string]SubjectPublicKeys
}

type MemoryStore ¶

type MemoryStore struct {
    Clients         map[string]fosite.Client
    AuthorizeCodes  map[string]StoreAuthorizeCode
    IDSessions      map[string]fosite.Requester
    AccessTokens    map[string]fosite.Requester
    RefreshTokens   map[string]StoreRefreshToken
    PKCES           map[string]fosite.Requester
    Users           map[string]MemoryUserRelation
    BlacklistedJTIs map[string]time.Time
    // In-memory request ID to token signatures
    AccessTokenRequestIDs  map[string]string
    RefreshTokenRequestIDs map[string]string
    // Public keys to check signature in auth grant jwt assertion.
    IssuerPublicKeys map[string]IssuerPublicKeys
    // contains filtered or unexported fields
}

func NewExampleStore ¶

func NewExampleStore() *MemoryStore

func NewMemoryStore ¶

func NewMemoryStore() *MemoryStore

func (*MemoryStore) Authenticate ¶

func (s *MemoryStore) Authenticate(_ context.Context, name string, secret string) error

func (*MemoryStore) ClientAssertionJWTValid ¶

func (s *MemoryStore) ClientAssertionJWTValid(_ context.Context, jti string) error

func (*MemoryStore) CreateAccessTokenSession ¶

func (s *MemoryStore) CreateAccessTokenSession(_ context.Context, signature string, req fosite.Requester) error

func (*MemoryStore) CreateAuthorizeCodeSession ¶

func (s *MemoryStore) CreateAuthorizeCodeSession(_ context.Context, code string, req fosite.Requester) error

func (*MemoryStore) CreateOpenIDConnectSession ¶

func (s *MemoryStore) CreateOpenIDConnectSession(_ context.Context, authorizeCode string, requester fosite.Requester) error

func (*MemoryStore) CreatePKCERequestSession ¶

func (s *MemoryStore) CreatePKCERequestSession(_ context.Context, code string, req fosite.Requester) error

func (*MemoryStore) CreateRefreshTokenSession ¶

func (s *MemoryStore) CreateRefreshTokenSession(_ context.Context, signature string, req fosite.Requester) error

func (*MemoryStore) DeleteAccessTokenSession ¶

func (s *MemoryStore) DeleteAccessTokenSession(_ context.Context, signature string) error

func (*MemoryStore) DeleteOpenIDConnectSession ¶

func (s *MemoryStore) DeleteOpenIDConnectSession(_ context.Context, authorizeCode string) error

DeleteOpenIDConnectSession is not really called from anywhere and it is deprecated.

func (*MemoryStore) DeletePKCERequestSession ¶

func (s *MemoryStore) DeletePKCERequestSession(_ context.Context, code string) error

func (*MemoryStore) DeleteRefreshTokenSession ¶

func (s *MemoryStore) DeleteRefreshTokenSession(_ context.Context, signature string) error

func (*MemoryStore) GetAccessTokenSession ¶

func (s *MemoryStore) GetAccessTokenSession(_ context.Context, signature string, _ fosite.Session) (fosite.Requester, error)

func (*MemoryStore) GetAuthorizeCodeSession ¶

func (s *MemoryStore) GetAuthorizeCodeSession(_ context.Context, code string, _ fosite.Session) (fosite.Requester, error)

func (*MemoryStore) GetClient ¶

func (s *MemoryStore) GetClient(_ context.Context, id string) (fosite.Client, error)

func (*MemoryStore) GetOpenIDConnectSession ¶

func (s *MemoryStore) GetOpenIDConnectSession(_ context.Context, authorizeCode string, requester fosite.Requester) (fosite.Requester, error)

func (*MemoryStore) GetPKCERequestSession ¶

func (s *MemoryStore) GetPKCERequestSession(_ context.Context, code string, _ fosite.Session) (fosite.Requester, error)

func (*MemoryStore) GetPublicKey ¶

func (s *MemoryStore) GetPublicKey(ctx context.Context, issuer string, subject string, keyId string) (*jose.JSONWebKey, error)

func (*MemoryStore) GetPublicKeyScopes ¶

func (s *MemoryStore) GetPublicKeyScopes(ctx context.Context, issuer string, subject string, keyId string) ([]string, error)

func (*MemoryStore) GetPublicKeys ¶

func (s *MemoryStore) GetPublicKeys(ctx context.Context, issuer string, subject string) (*jose.JSONWebKeySet, error)

func (*MemoryStore) GetRefreshTokenSession ¶

func (s *MemoryStore) GetRefreshTokenSession(_ context.Context, signature string, _ fosite.Session) (fosite.Requester, error)

func (*MemoryStore) InvalidateAuthorizeCodeSession ¶

func (s *MemoryStore) InvalidateAuthorizeCodeSession(ctx context.Context, code string) error

func (*MemoryStore) IsJWTUsed ¶

func (s *MemoryStore) IsJWTUsed(ctx context.Context, jti string) (bool, error)

func (*MemoryStore) MarkJWTUsedForTime ¶

func (s *MemoryStore) MarkJWTUsedForTime(ctx context.Context, jti string, exp time.Time) error

func (*MemoryStore) RevokeAccessToken ¶

func (s *MemoryStore) RevokeAccessToken(ctx context.Context, requestID string) error

func (*MemoryStore) RevokeRefreshToken ¶

func (s *MemoryStore) RevokeRefreshToken(ctx context.Context, requestID string) error

func (*MemoryStore) RevokeRefreshTokenMaybeGracePeriod ¶

func (s *MemoryStore) RevokeRefreshTokenMaybeGracePeriod(ctx context.Context, requestID string, signature string) error

func (*MemoryStore) SetClientAssertionJWT ¶

func (s *MemoryStore) SetClientAssertionJWT(_ context.Context, jti string, exp time.Time) error

type MemoryUserRelation ¶

type MemoryUserRelation struct {
    Username string
    Password string
}

type PublicKeyScopes ¶

type PublicKeyScopes struct {
    Key    *jose.JSONWebKey
    Scopes []string
}

type StoreAuthorizeCode ¶

type StoreAuthorizeCode struct {
    fosite.Requester
    // contains filtered or unexported fields
}

type StoreRefreshToken ¶

type StoreRefreshToken struct {
    fosite.Requester
    // contains filtered or unexported fields
}

type SubjectPublicKeys ¶

type SubjectPublicKeys struct {
    Subject string
    Keys    map[string]PublicKeyScopes
}

type Transactional ¶

A storage provider that has support for transactions should implement this interface to ensure atomicity for certain flows that require transactional semantics. Fosite will call these methods (when atomicity is required) if and only if the storage provider has implemented `Transactional`. It is expected that the storage provider will examine context for an existing transaction each time a database operation is to be performed.

An implementation of `BeginTX` should attempt to initiate a new transaction and store that under a unique key in the context that can be accessible by `Commit` and `Rollback`. The "transactional aware" context will then be returned for further propagation, eventually to be consumed by `Commit` or `Rollback` to finish the transaction.

Implementations for `Commit` & `Rollback` should look for the transaction object inside the supplied context using the same key used by `BeginTX`. If these methods have been called, it is expected that a txn object should be available in the provided context.

type Transactional interface {
    BeginTX(ctx context.Context) (context.Context, error)
    Commit(ctx context.Context) error
    Rollback(ctx context.Context) error
}