2021-07-21 23:04:00 +00:00
|
|
|
package token
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
2021-09-20 18:25:08 +00:00
|
|
|
|
2022-03-13 10:58:34 +00:00
|
|
|
"source.toby3d.me/toby3d/auth/internal/domain"
|
2021-07-21 23:04:00 +00:00
|
|
|
)
|
|
|
|
|
2021-11-14 21:17:25 +00:00
|
|
|
type (
|
2022-01-13 20:49:08 +00:00
|
|
|
ExchangeOptions struct {
|
|
|
|
ClientID *domain.ClientID
|
|
|
|
RedirectURI *domain.URL
|
|
|
|
Code string
|
|
|
|
CodeVerifier string
|
2021-11-14 21:17:25 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
UseCase interface {
|
2022-01-29 20:43:53 +00:00
|
|
|
Exchange(ctx context.Context, opts ExchangeOptions) (*domain.Token, *domain.Profile, error)
|
2021-11-14 21:17:25 +00:00
|
|
|
|
|
|
|
// Verify checks the AccessToken and returns the associated information.
|
2022-02-25 15:32:18 +00:00
|
|
|
Verify(ctx context.Context, accessToken string) (*domain.Token, *domain.Profile, error)
|
2021-11-14 21:17:25 +00:00
|
|
|
|
|
|
|
// Revoke revokes the AccessToken and blocks its further use.
|
|
|
|
Revoke(ctx context.Context, accessToken string) error
|
|
|
|
}
|
|
|
|
)
|
2021-10-17 22:51:10 +00:00
|
|
|
|
2022-01-29 20:43:53 +00:00
|
|
|
var (
|
|
|
|
ErrRevoke error = domain.NewError(
|
|
|
|
domain.ErrorCodeAccessDenied,
|
|
|
|
"this token has been revoked",
|
|
|
|
"",
|
|
|
|
)
|
|
|
|
ErrMismatchClientID error = domain.NewError(
|
|
|
|
domain.ErrorCodeInvalidRequest,
|
|
|
|
"client's URL MUST match the client_id used in the authentication request",
|
2022-02-02 21:13:46 +00:00
|
|
|
"https://indieauth.net/source/#request",
|
2022-01-29 20:43:53 +00:00
|
|
|
)
|
|
|
|
ErrMismatchRedirectURI error = domain.NewError(
|
|
|
|
domain.ErrorCodeInvalidRequest,
|
|
|
|
"client's redirect URL MUST match the initial authentication request",
|
2022-02-02 21:13:46 +00:00
|
|
|
"https://indieauth.net/source/#request",
|
2022-01-29 20:43:53 +00:00
|
|
|
)
|
|
|
|
ErrEmptyScope error = domain.NewError(
|
|
|
|
domain.ErrorCodeInvalidScope,
|
|
|
|
"empty scopes are invalid",
|
|
|
|
"",
|
|
|
|
)
|
|
|
|
ErrMismatchPKCE error = domain.NewError(
|
|
|
|
domain.ErrorCodeInvalidRequest,
|
|
|
|
"code_verifier is not hashes to the same value as given in the code_challenge in the original "+
|
2022-02-02 21:13:46 +00:00
|
|
|
"authorization request",
|
|
|
|
"https://indieauth.net/source/#request",
|
2022-01-29 20:43:53 +00:00
|
|
|
)
|
|
|
|
)
|