oauth 0.0.2 - Docs.rs

use std::time::SystemTime;

use crate::error::TokenStoreError;

mod in_memory;

pub use in_memory::InMemoryTokenStore;

/// Record persisted in a [`TokenStore`] representing an issued token.
#[derive(Debug, Clone)]
pub struct TokenRecord {
    pub(crate) access_token: String,
    pub(crate) refresh_token: Option<String>,
    pub(crate) client_id: String,
    pub(crate) scope: Option<String>,
    pub(crate) issued_at: SystemTime,
    pub(crate) expires_at: SystemTime,
}

impl TokenRecord {
    /// Construct a new record from the supplied parts.
    pub fn new(
        access_token: String,
        refresh_token: Option<String>,
        client_id: String,
        scope: Option<String>,
        expires_at: SystemTime,
    ) -> Self {
        Self {
            access_token,
            refresh_token,
            client_id,
            scope,
            issued_at: SystemTime::now(),
            expires_at,
        }
    }

    /// Access token value.
    pub fn access_token(&self) -> &str {
        &self.access_token
    }

    /// Refresh token, if any.
    pub fn refresh_token(&self) -> Option<&str> {
        self.refresh_token.as_deref()
    }

    /// Associated OAuth client identifier.
    pub fn client_id(&self) -> &str {
        &self.client_id
    }

    /// Granted scope.
    pub fn scope(&self) -> Option<&str> {
        self.scope.as_deref()
    }

    /// Expiry instant for the access token.
    pub fn expires_at(&self) -> SystemTime {
        self.expires_at
    }
}

/// Storage abstraction for access and refresh tokens.
pub trait TokenStore: Send + Sync {
    /// Persist a new token record.
    fn save(&self, record: TokenRecord) -> Result<(), TokenStoreError>;
    /// Revoke a record by its access token.
    fn revoke(&self, access_token: &str) -> Result<(), TokenStoreError>;
    /// Fetch a record by its access token.
    fn find(&self, access_token: &str) -> Result<Option<TokenRecord>, TokenStoreError>;
}