chore: rabbit comments
@@ -332,7 +332,10 @@ func (controller *OIDCController) Token(c *gin.Context) {
|
|||||||
|
|
||||||
if ok {
|
if ok {
|
||||||
controller.log.App.Warn().Msg("Code reuse detected")
|
controller.log.App.Warn().Msg("Code reuse detected")
|
||||||
controller.oidc.DeleteSessionBySub(c, usedCodeSub)
|
err := controller.oidc.DeleteSessionBySub(c, usedCodeSub)
|
||||||
|
if err != nil {
|
||||||
|
controller.log.App.Error().Err(err).Msg("Failed to delete session for reused code")
|
||||||
|
}
|
||||||
c.JSON(400, gin.H{
|
c.JSON(400, gin.H{
|
||||||
"error": "invalid_grant",
|
"error": "invalid_grant",
|
||||||
})
|
})
|
||||||
|
|||||||
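Review bot: When `DeleteSessionBySub` fails in the code-reuse branch, the tokens issued from the first exchange of that code stay usable, and the only trace is an error line that names neither the subject nor the client. Code reuse is a signal that responders will want to correlate, so both log lines should carry the identifier already in scope, e.g. `controller.log.App.Error().Err(err).Str("sub", usedCodeSub).Msg("Failed to delete session for reused code")` and the same `.Str("sub", usedCodeSub)` on the `Warn()` line (assuming the logger is zerolog-style, as the `.Err(err).Msg(...)` chain suggests). Still answering `invalid_grant` after a failed delete is reasonable, but a short comment should say the revocation is best-effort so nobody reads the 400 as proof the session is gone. Token's body starts and ends outside this hunk.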
@@ -684,7 +684,7 @@ func (service *OIDCService) GetSessionByToken(ctx context.Context, tokenHash str
|
|||||||
// since there is no way for the client to access anything anymore
|
// since there is no way for the client to access anything anymore
|
||||||
if entry.RefreshTokenExpiresAt < time.Now().Unix() {
|
if entry.RefreshTokenExpiresAt < time.Now().Unix() {
|
||||||
// Deletes by sub
|
// Deletes by sub
|
||||||
err := service.queries.DeleteSession(ctx, entry.Sub)
|
err := service.queries.DeleteOIDCSessionBySub(ctx, entry.Sub)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -6,6 +6,6 @@ CREATE TABLE IF NOT EXISTS "oidc_sessions" (
|
|||||||
"client_id" TEXT NOT NULL,
|
"client_id" TEXT NOT NULL,
|
||||||
"token_expires_at" INTEGER NOT NULL,
|
"token_expires_at" INTEGER NOT NULL,
|
||||||
"refresh_token_expires_at" INTEGER NOT NULL,
|
"refresh_token_expires_at" INTEGER NOT NULL,
|
||||||
"nonce" TEXT DEFAULT "",
|
"nonce" TEXT NOT NULL DEFAULT "",
|
||||||
"userinfo_json" TEXT NOT NULL
|
"userinfo_json" TEXT NOT NULL
|
||||||
);
|
);
|
||||||
|
|||||||
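Review bot: The tightened `nonce` column only takes effect on databases created after this change, because `CREATE TABLE IF NOT EXISTS` is skipped when `oidc_sessions` already exists. If this file is a migration that has already shipped, existing installs keep a nullable `nonce` and may still hold NULL rows, so a follow-up migration that backfills and rebuilds the column would be needed. Separately, the default is written as `""`, which standard SQL reads as a quoted identifier; SQLite accepts it as a string only through a compatibility fallback, and `DEFAULT ''` is the portable spelling. The CREATE TABLE statement starts outside the hunk.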