mirror of
https://github.com/steveiliop56/tinyauth.git
synced 2026-02-22 17:02:01 +00:00
* chore: add oidc base config * wip: authorize page * feat: implement basic oidc functionality * refactor: implement oidc following tinyauth patterns * feat: adapt frontend to oidc flow * fix: review comments * fix: oidc review comments * feat: refresh token grant type support * feat: cleanup expired oidc sessions * feat: frontend i18n * fix: fix typo in error screen * tests: add basic testing * fix: more review comments * refactor: rework oidc error messages * feat: openid discovery endpoint * feat: jwk endpoint * i18n: fix typo * fix: more rabbit nitpicks * fix: final review comments * i18n: authorize page error messages
-- name: CreateOidcCode :one
-- Stores a newly issued authorization code and returns the inserted row.
-- Bind order: sub, code_hash, scope, redirect_uri, client_id, expires_at.
-- The table keeps "code_hash" rather than a code column; presumably the
-- caller hashes the code before binding it (confirm against the caller).
INSERT INTO "oidc_codes"
    ("sub", "code_hash", "scope", "redirect_uri", "client_id", "expires_at")
VALUES
    (?, ?, ?, ?, ?, ?)
RETURNING *;
-- name: GetOidcCodeUnsafe :one
-- Reads an authorization code by its hash WITHOUT consuming it: the row stays
-- in the table, so the same code can still be redeemed after this call.
-- GetOidcCode is the variant that deletes the row as it returns it.
-- NOTE(review): "expires_at" is not filtered here; the caller must check it.
SELECT *
FROM "oidc_codes"
WHERE "code_hash" = ?;
-- name: GetOidcCode :one
-- Redeems an authorization code: the matching row is deleted and returned by
-- one statement, so a later lookup with the same hash finds no row.
-- NOTE(review): expiry is not part of the WHERE clause, so an expired code is
-- still returned (and removed); the caller must compare "expires_at" itself.
DELETE FROM "oidc_codes"
    WHERE "code_hash" = ?
    RETURNING *;
-- name: GetOidcCodeBySubUnsafe :one
-- Reads the authorization code stored for a subject without deleting it.
-- NOTE(review): there is no ORDER BY, so if several codes can exist for one
-- "sub" the row returned is not defined by this query; whether "sub" is
-- unique depends on the schema, which is not visible here.
SELECT *
FROM "oidc_codes"
WHERE "sub" = ?;
-- name: GetOidcCodeBySub :one
-- Deletes the authorization code(s) stored for a subject and returns the
-- deleted row.
-- NOTE(review): the DELETE matches every row with this "sub", while :one
-- hands back a single row; any additional rows are removed without being
-- reported unless the schema keeps "sub" unique (not visible here).
DELETE FROM "oidc_codes"
    WHERE "sub" = ?
    RETURNING *;
-- name: DeleteOidcCode :exec
-- Removes the authorization code with the given hash; returns no rows.
-- A hash that matches nothing is not an error at the SQL level.
DELETE FROM "oidc_codes"
    WHERE "code_hash" = ?;
-- name: DeleteOidcCodeBySub :exec
-- Removes every authorization code stored for the given subject; returns no
-- rows.
DELETE FROM "oidc_codes"
    WHERE "sub" = ?;
-- name: CreateOidcToken :one
-- Stores a newly issued access/refresh token pair and returns the inserted
-- row.
-- Bind order: sub, access_token_hash, refresh_token_hash, scope, client_id,
-- token_expires_at, refresh_token_expires_at.
-- Both tokens are kept as hashes; presumably the caller hashes them before
-- binding (confirm against the caller).
INSERT INTO "oidc_tokens"
    ("sub", "access_token_hash", "refresh_token_hash", "scope", "client_id",
     "token_expires_at", "refresh_token_expires_at")
VALUES
    (?, ?, ?, ?, ?, ?, ?)
RETURNING *;
-- name: UpdateOidcTokenByRefreshToken :one
-- Rotates a token pair in place and returns the updated row.
-- Bind order: new access_token_hash, new refresh_token_hash,
-- token_expires_at, refresh_token_expires_at, then the CURRENT
-- refresh_token_hash that selects the row.
-- Because "refresh_token_hash" is overwritten, the previous refresh token
-- hash no longer matches this row after the update.
-- NOTE(review): the WHERE clause does not test "refresh_token_expires_at";
-- an expired refresh token must be rejected by the caller before this runs.
UPDATE "oidc_tokens"
SET "access_token_hash" = ?,
    "refresh_token_hash" = ?,
    "token_expires_at" = ?,
    "refresh_token_expires_at" = ?
WHERE "refresh_token_hash" = ?
RETURNING *;
-- name: GetOidcToken :one
-- Looks up a token row by the hash of the access token.
-- NOTE(review): "token_expires_at" is not filtered here, so an expired token
-- is still returned; the caller must check expiry before accepting it.
SELECT *
FROM "oidc_tokens"
WHERE "access_token_hash" = ?;
-- name: GetOidcTokenByRefreshToken :one
-- Looks up a token row by the hash of the refresh token.
-- NOTE(review): "refresh_token_expires_at" is not filtered here; the caller
-- must check it before honouring a refresh request.
SELECT *
FROM "oidc_tokens"
WHERE "refresh_token_hash" = ?;
-- name: GetOidcTokenBySub :one
-- Looks up the token row stored for a subject.
-- NOTE(review): there is no ORDER BY, so if a subject can hold several token
-- rows the one returned is not defined by this query; uniqueness of "sub"
-- depends on the schema, which is not visible here.
SELECT *
FROM "oidc_tokens"
WHERE "sub" = ?;
-- name: DeleteOidcToken :exec
-- Removes the token row whose access token hash matches; returns no rows.
-- The whole row goes, so the refresh token stored in it is dropped as well.
DELETE FROM "oidc_tokens"
    WHERE "access_token_hash" = ?;
-- name: DeleteOidcTokenBySub :exec
-- Removes every token row stored for the given subject; returns no rows.
DELETE FROM "oidc_tokens"
    WHERE "sub" = ?;
-- name: CreateOidcUserInfo :one
-- Stores the userinfo claims for a subject and returns the inserted row.
-- Bind order: sub, name, preferred_username, email, groups, updated_at.
-- This is a plain INSERT with no conflict clause; what happens when a row for
-- the same "sub" already exists depends on the table's constraints, which
-- are not visible here.
INSERT INTO "oidc_userinfo"
    ("sub", "name", "preferred_username", "email", "groups", "updated_at")
VALUES
    (?, ?, ?, ?, ?, ?)
RETURNING *;
-- name: GetOidcUserInfo :one
-- Reads the stored userinfo claims for a subject.
SELECT *
FROM "oidc_userinfo"
WHERE "sub" = ?;
-- name: DeleteOidcUserInfo :exec
-- Removes the stored userinfo claims for a subject; returns no rows.
DELETE FROM "oidc_userinfo"
    WHERE "sub" = ?;
-- name: DeleteExpiredOidcCodes :many
-- Cleanup: deletes every authorization code whose "expires_at" is strictly
-- before the bound value and returns the deleted rows.
-- A code is only removed once this runs, so redemption paths cannot rely on
-- cleanup alone to reject expired codes.
DELETE FROM "oidc_codes"
    WHERE "expires_at" < ?
    RETURNING *;
-- name: DeleteExpiredOidcTokens :many
-- Cleanup: deletes token rows only when BOTH the access token and the
-- refresh token have expired, and returns the deleted rows.
-- A row whose access token has expired but whose refresh token is still
-- valid is kept, so lookups by access token hash can still find it; expiry
-- of the access token must be checked where the token is validated.
-- Takes two placeholders (one per comparison); presumably the caller binds
-- the same timestamp to both.
DELETE FROM "oidc_tokens"
    WHERE "token_expires_at" < ?
      AND "refresh_token_expires_at" < ?
    RETURNING *;