// Copyright 2024 New Vector Ltd.
// Copyright 2021-2024 The Matrix.org Foundation C.I.C.
//
// SPDX-License-Identifier: AGPL-3.0-only
// Please see LICENSE in the repository root for full details.
use async_trait::async_trait;
use mas_data_model::{AccessToken, RefreshToken, Session};
use rand_core::RngCore;
use ulid::Ulid;
use crate::{repository_impl, Clock};
/// An [`OAuth2RefreshTokenRepository`] helps interact with the
/// [`RefreshToken`]s saved in the storage backend: looking them up, creating
/// them and consuming them.
///
/// Security note: the `refresh_token` strings taken by
/// [`Self::find_by_token`] and [`Self::add`] are the token values themselves,
/// i.e. bearer credentials. Implementations should keep them out of logs,
/// traces and error messages.
#[async_trait]
pub trait OAuth2RefreshTokenRepository: Send + Sync {
/// The error type returned by the repository
type Error;
/// Look up a refresh token by its ID
///
/// Returns `None` if no [`RefreshToken`] was found
///
/// NOTE(review): this signature does not say whether an already-consumed
/// token is still returned; callers should check the state of the returned
/// token before honouring it. Confirm against the implementation.
///
/// # Parameters
///
/// * `id`: The ID of the [`RefreshToken`] to look up
///
/// # Errors
///
/// Returns [`Self::Error`] if the underlying repository fails
async fn lookup(&mut self, id: Ulid) -> Result<Option<RefreshToken>, Self::Error>;
/// Find a refresh token by its token value
///
/// Returns `None` if no [`RefreshToken`] was found
///
/// NOTE(review): as with [`Self::lookup`], a `Some` result only means a
/// matching record exists; whether consumed tokens are included is not
/// visible here, so callers should check the token's state. Confirm against
/// the implementation.
///
/// # Parameters
///
/// * `refresh_token`: The token value of the [`RefreshToken`] to look up.
///   This is a secret presented by the client; do not log it.
///
/// # Errors
///
/// Returns [`Self::Error`] if the underlying repository fails
async fn find_by_token(
&mut self,
refresh_token: &str,
) -> Result<Option<RefreshToken>, Self::Error>;
/// Add a new refresh token to the database
///
/// Returns the newly created [`RefreshToken`]
///
/// # Parameters
///
/// * `rng`: The random number generator to use (presumably for generating
///   the new record's ID; the token value itself is supplied by the caller
///   in `refresh_token`)
/// * `clock`: The clock used to generate timestamps
/// * `session`: The [`Session`] in which to create the [`RefreshToken`]
/// * `access_token`: The [`AccessToken`] created alongside this
///   [`RefreshToken`]
/// * `refresh_token`: The refresh token value to store. It is generated by
///   the caller, so its unpredictability depends on how the caller produced
///   it, not on this method.
///
/// # Errors
///
/// Returns [`Self::Error`] if the underlying repository fails
async fn add(
&mut self,
rng: &mut (dyn RngCore + Send),
clock: &dyn Clock,
session: &Session,
access_token: &AccessToken,
refresh_token: String,
) -> Result<RefreshToken, Self::Error>;
/// Consume a refresh token
///
/// Returns the updated [`RefreshToken`]
///
/// The "already consumed" error below is what makes a refresh token
/// single-use at this layer. NOTE(review): the trait itself cannot enforce
/// that; each implementation should perform the "not yet consumed" check and
/// the update as one atomic step, so that two concurrent calls for the same
/// token cannot both succeed. Confirm against each backend.
///
/// # Parameters
///
/// * `clock`: The clock used to generate timestamps
/// * `refresh_token`: The [`RefreshToken`] to consume
///
/// # Errors
///
/// Returns [`Self::Error`] if the underlying repository fails, or if the
/// token was already consumed
async fn consume(
&mut self,
clock: &dyn Clock,
refresh_token: RefreshToken,
) -> Result<RefreshToken, Self::Error>;
}
// Invokes the crate's `repository_impl!` macro with the signatures of all
// four `OAuth2RefreshTokenRepository` methods. The macro is defined elsewhere
// in the crate; presumably it generates forwarding implementations of the
// trait for wrapper types (TODO confirm against the macro definition).
//
// The signatures listed here repeat the trait's method signatures verbatim
// and must be kept in sync with them by hand when a method is added or
// changed.
repository_impl!(OAuth2RefreshTokenRepository:
async fn lookup(&mut self, id: Ulid) -> Result<Option<RefreshToken>, Self::Error>;
async fn find_by_token(
&mut self,
refresh_token: &str,
) -> Result<Option<RefreshToken>, Self::Error>;
async fn add(
&mut self,
rng: &mut (dyn RngCore + Send),
clock: &dyn Clock,
session: &Session,
access_token: &AccessToken,
refresh_token: String,
) -> Result<RefreshToken, Self::Error>;
async fn consume(
&mut self,
clock: &dyn Clock,
refresh_token: RefreshToken,
) -> Result<RefreshToken, Self::Error>;
);