package/x-oidc
1
0
Fork 0
mirror of https://github.com/xslasd/x-oidc.git synced 2025-10-03 15:16:30 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
x-oidc/granttype_refreshToken_exchange.go
xsl 73725c2d72 First submission of code
2023-06-02 10:32:29 +08:00

47 lines
1.3 KiB
Go
Raw Permalink Blame History

package oidc
import (
"context"
"github.com/google/uuid"
"github.com/xslasd/x-oidc/ecode"
"github.com/xslasd/x-oidc/model"
"github.com/xslasd/x-oidc/storage"
"github.com/xslasd/x-oidc/util"
"strings"
"time"
)
func (o *OpenIDProvider) refreshTokenExchange(ctx context.Context, req *TokenExchangeReq) (*model.AccessTokenRes, error) {
if req.RefreshToken == "" {
return nil, ecode.RefreshTokenInvalid
}
client, err := o.cfg.Storage.GetClientByClientID(ctx, req.ClientID)
if err != nil {
return nil, err
}
err = authenticatedClient(req.OAuthClientReq, client)
if err != nil {
return nil, err
}
tokenModel, authReq, err := o.cfg.Storage.AuthRequestByRefreshToken(ctx, req.RefreshToken)
if err != nil {
return nil, err
}
scopes := req.unmarshalScopes()
if len(scopes) > 0 {
for _, scope := range scopes {
if !util.ArrayContains(authReq.Scopes, scope) {
return nil, ecode.ScopesInvalid.SetDescriptionf(scope)
}
}
authReq.Scopes = scopes
}
return o.CreateAccessTokenAndIDToken(ctx, authReq, client, func() (*storage.TokenModel, error) {
tokenModel.TokenID = strings.ReplaceAll(uuid.NewString(), "-", "")
tokenModel.AccessTokenExpiration = time.Now().UTC().Add(client.AccessTokenLifetime()).Add(client.ClockSkew())
err = o.cfg.Storage.UpdateTokenModelByRefreshToken(ctx, *tokenModel)
return tokenModel, err
})
}
Reference in New Issue View Git Blame Copy Permalink