Struct oxide_auth::primitives::issuer::TokenMap

pub struct TokenMap<G: TagGrant = Box<dyn TagGrant + Send + Sync + 'static>> { /* fields omitted */ }

Keeps track of access and refresh tokens by a hash-map.

The generator is itself trait based and can be chosen during construction. It is assumed to not be possible (or at least very unlikely during their overlapping lifetime) for two different grants to generate the same token in the grant tagger.

Implementations

impl<G: TagGrant> TokenMap<G>

pub fn new(generator: G) -> Self

Construct a TokenMap from the given generator.

pub fn valid_for(&mut self, duration: Duration)

Set the validity of all issued grants to the specified duration.

pub fn valid_for_default(&mut self)

All grants are valid for their default duration.

pub fn revoke(&mut self, token: &str)

Unconditionally delete grant associated with the token.

This is the main advantage over signing tokens. By keeping internal state of allowed grants, the resource owner or other instances can revoke a token before it expires naturally. There is no differentiation between access and refresh tokens since these should have a marginal probability of colliding.

pub fn import_grant(&mut self, token: String, grant: Grant)

Directly associate token with grant.

No checks on the validity of the grant are performed but the expiration time of the grant is modified (if a duration was previously set).

Trait Implementations

impl<G: TagGrant> Issuer for TokenMap<G>

fn issue(&mut self, grant: Grant) -> Result<IssuedToken, ()>

Create a token authorizing the request parameters

fn refresh(&mut self, refresh: &str, grant: Grant) -> Result<RefreshedToken, ()>

Refresh a token.

fn recover_token<'a>(&'a self, token: &'a str) -> Result<Option<Grant>, ()>

Get the values corresponding to a bearer token

fn recover_refresh<'a>(&'a self, token: &'a str) -> Result<Option<Grant>, ()>

Get the values corresponding to a refresh token