57 lines
1.5 KiB
Go
57 lines
1.5 KiB
Go
package token
|
|
|
|
import (
|
|
"context"
|
|
"net/url"
|
|
|
|
"source.toby3d.me/toby3d/auth/internal/domain"
|
|
)
|
|
|
|
type (
|
|
ExchangeOptions struct {
|
|
ClientID domain.ClientID
|
|
RedirectURI *url.URL
|
|
Code string
|
|
CodeVerifier string
|
|
}
|
|
|
|
UseCase interface {
|
|
Exchange(ctx context.Context, opts ExchangeOptions) (*domain.Token, *domain.Profile, error)
|
|
|
|
// Verify checks the AccessToken and returns the associated information.
|
|
Verify(ctx context.Context, accessToken string) (*domain.Token, *domain.Profile, error)
|
|
|
|
// Revoke revokes the AccessToken and blocks its further use.
|
|
Revoke(ctx context.Context, accessToken string) error
|
|
}
|
|
)
|
|
|
|
var (
|
|
ErrRevoke error = domain.NewError(
|
|
domain.ErrorCodeAccessDenied,
|
|
"this token has been revoked",
|
|
"",
|
|
)
|
|
ErrMismatchClientID error = domain.NewError(
|
|
domain.ErrorCodeInvalidRequest,
|
|
"client's URL MUST match the client_id used in the authentication request",
|
|
"https://indieauth.net/source/#request",
|
|
)
|
|
ErrMismatchRedirectURI error = domain.NewError(
|
|
domain.ErrorCodeInvalidRequest,
|
|
"client's redirect URL MUST match the initial authentication request",
|
|
"https://indieauth.net/source/#request",
|
|
)
|
|
ErrEmptyScope error = domain.NewError(
|
|
domain.ErrorCodeInvalidScope,
|
|
"empty scopes are invalid",
|
|
"",
|
|
)
|
|
ErrMismatchPKCE error = domain.NewError(
|
|
domain.ErrorCodeInvalidRequest,
|
|
"code_verifier is not hashes to the same value as given in the code_challenge in the original "+
|
|
"authorization request",
|
|
"https://indieauth.net/source/#request",
|
|
)
|
|
)
|