-
Notifications
You must be signed in to change notification settings - Fork 33
/
models.go
257 lines (217 loc) · 10.5 KB
/
models.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
/* Copyright (c) 2021, VRAI Labs and/or its affiliates. All rights reserved.
*
* This software is licensed under the Apache License, Version 2.0 (the
* "License") as published by the Apache Software Foundation.
*
* You may not use this file except in compliance with the License. You may
* obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations
* under the License.
*/
package sessmodels
import (
"net/http"
"time"
"github.com/MicahParks/keyfunc/v2"
"github.com/supertokens/supertokens-golang/recipe/openid/openidmodels"
"github.com/supertokens/supertokens-golang/recipe/session/claims"
"github.com/supertokens/supertokens-golang/supertokens"
)
type TokenType string
const (
AccessToken TokenType = "access"
RefreshToken TokenType = "refresh"
)
// When adding a new token transfer method, it's also necessary to update the related constant (availableTokenTransferMethods) in `session/constants.go`
type TokenTransferMethod string
const (
CookieTransferMethod TokenTransferMethod = "cookie"
HeaderTransferMethod TokenTransferMethod = "header"
AnyTransferMethod TokenTransferMethod = "any"
)
type GetJWKSResult struct {
JWKS *keyfunc.JWKS
Error error
LastFetched int64
}
type GetJWKSFunctionObject struct {
Fn GetJWKSFunction
Path string
}
type GetJWKSFunction = func(string) GetJWKSResult
func getCurrTimeInMS() uint64 {
return uint64(time.Now().UnixNano() / 1000000)
}
type KeyInfo struct {
PublicKey string
ExpiryTime uint64
CreatedAt uint64
}
type CreateOrRefreshAPIResponse struct {
Session SessionStruct `json:"session"`
AccessToken CreateOrRefreshAPIResponseToken `json:"accessToken"`
RefreshToken CreateOrRefreshAPIResponseToken `json:"refreshToken"`
AntiCsrfToken *string `json:"antiCsrfToken"`
}
type SessionStruct struct {
Handle string `json:"handle"`
UserID string `json:"userId"`
UserDataInAccessToken map[string]interface{} `json:"userDataInJWT"`
ExpiryTime uint64 `json:"expiryTime"`
TenantId string `json:"tenantId"`
}
type CreateOrRefreshAPIResponseToken struct {
Token string `json:"token"`
Expiry uint64 `json:"expiry"`
CreatedTime uint64 `json:"createdTime"`
}
type GetSessionResponse struct {
Status string
Session SessionStruct `json:"session"`
AccessToken CreateOrRefreshAPIResponseToken `json:"accessToken"`
}
type RegenerateAccessTokenResponse struct {
Status string `json:"status"`
Session SessionStruct `json:"session"`
AccessToken CreateOrRefreshAPIResponseToken `json:"accessToken"`
}
type TypeInput struct {
CookieSecure *bool
CookieSameSite *string
SessionExpiredStatusCode *int
InvalidClaimStatusCode *int
CookieDomain *string
AntiCsrf *string
Override *OverrideStruct
ErrorHandlers *ErrorHandlers
GetTokenTransferMethod func(req *http.Request, forCreateNewSession bool, userContext supertokens.UserContext) TokenTransferMethod
ExposeAccessTokenToFrontendInCookieBasedAuth bool
UseDynamicAccessTokenSigningKey *bool
}
type OverrideStruct struct {
Functions func(originalImplementation RecipeInterface) RecipeInterface
APIs func(originalImplementation APIInterface) APIInterface
OpenIdFeature *openidmodels.OverrideStruct
}
type ErrorHandlers struct {
OnUnauthorised func(message string, req *http.Request, res http.ResponseWriter) error
OnTokenTheftDetected func(sessionHandle string, userID string, req *http.Request, res http.ResponseWriter) error
OnInvalidClaim func(validationErrors []claims.ClaimValidationError, req *http.Request, res http.ResponseWriter) error
}
type TypeNormalisedInput struct {
RefreshTokenPath supertokens.NormalisedURLPath
CookieDomain *string
GetCookieSameSite func(request *http.Request, userContext supertokens.UserContext) (string, error)
CookieSecure bool
SessionExpiredStatusCode int
InvalidClaimStatusCode int
AntiCsrfFunctionOrString AntiCsrfFunctionOrString
Override OverrideStruct
ErrorHandlers NormalisedErrorHandlers
GetTokenTransferMethod func(req *http.Request, forCreateNewSession bool, userContext supertokens.UserContext) TokenTransferMethod
ExposeAccessTokenToFrontendInCookieBasedAuth bool
UseDynamicAccessTokenSigningKey bool
}
type AntiCsrfFunctionOrString struct {
StrValue string
FunctionValue func(request *http.Request, userContext supertokens.UserContext) (string, error)
}
type JWTNormalisedConfig struct {
Issuer *string
Enable bool
PropertyNameInAccessTokenPayload string
}
type VerifySessionOptions struct {
AntiCsrfCheck *bool
SessionRequired *bool
CheckDatabase *bool
OverrideGlobalClaimValidators func(globalClaimValidators []claims.SessionClaimValidator, sessionContainer SessionContainer, userContext supertokens.UserContext) ([]claims.SessionClaimValidator, error)
}
type APIOptions struct {
RecipeImplementation RecipeInterface
Config TypeNormalisedInput
RecipeID string
Req *http.Request
Res http.ResponseWriter
OtherHandler http.HandlerFunc
ClaimValidatorsAddedByOtherRecipes []claims.SessionClaimValidator
}
type NormalisedErrorHandlers struct {
OnUnauthorised func(message string, req *http.Request, res http.ResponseWriter) error
OnTryRefreshToken func(message string, req *http.Request, res http.ResponseWriter) error
OnTokenTheftDetected func(sessionHandle string, userID string, req *http.Request, res http.ResponseWriter) error
OnInvalidClaim func(validationErrors []claims.ClaimValidationError, req *http.Request, res http.ResponseWriter) error
}
type SessionTokens struct {
AccessToken string
RefreshToken *string
AntiCsrfToken *string
FrontToken string
AccessAndFrontendTokenUpdated bool
}
type RequestResponseInfo struct {
Res http.ResponseWriter
Req *http.Request
TokenTransferMethod TokenTransferMethod
}
type TypeSessionContainer struct {
RevokeSession func() error
GetSessionDataInDatabase func() (map[string]interface{}, error)
UpdateSessionDataInDatabase func(newSessionData map[string]interface{}) error
GetUserID func() string
GetTenantId func() string
GetAccessTokenPayload func() map[string]interface{}
GetHandle func() string
GetAllSessionTokensDangerously func() SessionTokens
GetAccessToken func() string
GetTimeCreated func() (uint64, error)
GetExpiry func() (uint64, error)
RevokeSessionWithContext func(userContext supertokens.UserContext) error
GetSessionDataInDatabaseWithContext func(userContext supertokens.UserContext) (map[string]interface{}, error)
UpdateSessionDataInDatabaseWithContext func(newSessionData map[string]interface{}, userContext supertokens.UserContext) error
GetUserIDWithContext func(userContext supertokens.UserContext) string
GetTenantIdWithContext func(userContext supertokens.UserContext) string
GetAccessTokenPayloadWithContext func(userContext supertokens.UserContext) map[string]interface{}
GetHandleWithContext func(userContext supertokens.UserContext) string
GetAccessTokenWithContext func(userContext supertokens.UserContext) string
GetTimeCreatedWithContext func(userContext supertokens.UserContext) (uint64, error)
GetExpiryWithContext func(userContext supertokens.UserContext) (uint64, error)
MergeIntoAccessTokenPayloadWithContext func(accessTokenPayloadUpdate map[string]interface{}, userContext supertokens.UserContext) error
AssertClaimsWithContext func(claimValidators []claims.SessionClaimValidator, userContext supertokens.UserContext) error
FetchAndSetClaimWithContext func(claim *claims.TypeSessionClaim, userContext supertokens.UserContext) error
SetClaimValueWithContext func(claim *claims.TypeSessionClaim, value interface{}, userContext supertokens.UserContext) error
GetClaimValueWithContext func(claim *claims.TypeSessionClaim, userContext supertokens.UserContext) interface{}
RemoveClaimWithContext func(claim *claims.TypeSessionClaim, userContext supertokens.UserContext) error
AttachToRequestResponseWithContext func(info RequestResponseInfo, userContext supertokens.UserContext) error
MergeIntoAccessTokenPayload func(accessTokenPayloadUpdate map[string]interface{}) error
AssertClaims func(claimValidators []claims.SessionClaimValidator) error
FetchAndSetClaim func(claim *claims.TypeSessionClaim) error
SetClaimValue func(claim *claims.TypeSessionClaim, value interface{}) error
GetClaimValue func(claim *claims.TypeSessionClaim) interface{}
RemoveClaim func(claim *claims.TypeSessionClaim) error
AttachToRequestResponse func(info RequestResponseInfo) error
}
type SessionContainer = *TypeSessionContainer
type SessionInformation struct {
SessionHandle string
UserId string
SessionDataInDatabase map[string]interface{}
Expiry uint64
CustomClaimsInAccessTokenPayload map[string]interface{}
TimeCreated uint64
TenantId string
}
type ParsedJWTInfo struct {
RawTokenString string
RawPayload string
Header string
Payload map[string]interface{}
Signature string
Version int
KID *string
}
const SessionContext int = iota