cache

package

v0.3.10 Latest Latest Go to latest Published: Dec 30, 2025 License: MIT Imports: 8 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/oy3o/oidc

Links

Documentation ¶

Index ¶

Variables
type RedisStorage
- func NewRedis(client *redis.Client, factory oidc.ClientFactory) *RedisStorage

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrAuthCodeExpired    = errors.New("auth code already expired")
	ErrDeviceCodeExpired  = errors.New("device code expired")
	ErrInvalidDataType    = errors.New("invalid data type in redis")
	ErrPARSessionExpired  = errors.New("PAR session expired")
	ErrPARSessionNotFound = errors.New("PAR session not found or expired")
)

cache errors

Functions ¶

This section is empty.

Types ¶

type RedisStorage ¶

type RedisStorage struct {
	// contains filtered or unexported fields
}

RedisStorage 实现了 oidc 包所需的多个存储接口

func NewRedis ¶

func NewRedis(client *redis.Client, factory oidc.ClientFactory) *RedisStorage

func (*RedisStorage) AccessTokenIsRevoked ¶

func (r *RedisStorage) AccessTokenIsRevoked(ctx context.Context, jti string) (bool, error)

AccessTokenIsRevoked 检查是否在黑名单

func (*RedisStorage) AccessTokenRevoke ¶

func (r *RedisStorage) AccessTokenRevoke(ctx context.Context, jti string, expiration time.Time) error

AccessTokenRevoke 加入黑名单

func (*RedisStorage) AuthCodeConsume ¶

func (r *RedisStorage) AuthCodeConsume(ctx context.Context, code string) (*oidc.AuthCodeSession, error)

AuthCodeConsume 原子性地获取并删除授权码（一次性使用）

func (*RedisStorage) AuthCodeSave ¶

func (r *RedisStorage) AuthCodeSave(ctx context.Context, session *oidc.AuthCodeSession) error

AuthCodeSave 存储生成的授权码

func (*RedisStorage) CheckAndStore ¶

func (r *RedisStorage) CheckAndStore(ctx context.Context, jti string, ttl time.Duration) (bool, error)

CheckAndStore 实现 ReplayCache 接口原子性地检查 JTI 是否已使用，若未使用则存储返回 true 表示 JTI 已存在 (重放攻击)，false 表示首次使用

func (*RedisStorage) ClientGetByID ¶

func (r *RedisStorage) ClientGetByID(ctx context.Context, clientID oidc.BinaryUUID) (oidc.RegisteredClient, error)

func (*RedisStorage) ClientInvalidate ¶

func (r *RedisStorage) ClientInvalidate(ctx context.Context, clientID oidc.BinaryUUID) error

func (*RedisStorage) ClientSave ¶

func (r *RedisStorage) ClientSave(ctx context.Context, client oidc.RegisteredClient, ttl time.Duration) error

func (*RedisStorage) DeviceCodeDelete ¶

func (r *RedisStorage) DeviceCodeDelete(ctx context.Context, deviceCode string) error

DeviceCodeDelete 删除设备码会话

func (*RedisStorage) DeviceCodeGet ¶

func (r *RedisStorage) DeviceCodeGet(ctx context.Context, deviceCode string) (*oidc.DeviceCodeSession, error)

DeviceCodeGet 获取会话

func (*RedisStorage) DeviceCodeGetByUserCode ¶

func (r *RedisStorage) DeviceCodeGetByUserCode(ctx context.Context, userCode string) (*oidc.DeviceCodeSession, error)

DeviceCodeGetByUserCode 通过 UserCode 查找

func (*RedisStorage) DeviceCodeSave ¶

func (r *RedisStorage) DeviceCodeSave(ctx context.Context, session *oidc.DeviceCodeSession) error

DeviceCodeSave 存储设备码 session

func (*RedisStorage) DeviceCodeUpdate ¶

func (r *RedisStorage) DeviceCodeUpdate(ctx context.Context, deviceCode string, session *oidc.DeviceCodeSession) error

DeviceCodeUpdate 更新状态 (例如改为 Allowed，并绑定用户)

func (*RedisStorage) JWKDelete ¶

func (r *RedisStorage) JWKDelete(ctx context.Context, kid string) error

JWKDelete 删除 JWK

func (*RedisStorage) JWKGet ¶

func (r *RedisStorage) JWKGet(ctx context.Context, kid string) (jwk.Key, error)

JWKGet 获取 JWK

func (*RedisStorage) JWKGetSigning ¶

func (r *RedisStorage) JWKGetSigning(ctx context.Context) (string, error)

JWKGetSigning 获取当前签名密钥 ID

func (*RedisStorage) JWKList ¶

func (r *RedisStorage) JWKList(ctx context.Context) ([]jwk.Key, error)

JWKList 获取所有 JWK

func (*RedisStorage) JWKMarkSigning ¶

func (r *RedisStorage) JWKMarkSigning(ctx context.Context, kid string) error

JWKMarkSigning 存储当前签名密钥 ID

func (*RedisStorage) JWKSave ¶

func (r *RedisStorage) JWKSave(ctx context.Context, key jwk.Key) error

JWKSave 存储 JWK

func (*RedisStorage) Lock ¶

func (r *RedisStorage) Lock(ctx context.Context, key string, ttl time.Duration) (bool, error)

Lock 获取分布式锁

func (*RedisStorage) PARSessionConsume ¶

func (r *RedisStorage) PARSessionConsume(ctx context.Context, requestURI string) (*oidc.AuthorizeRequest, error)

PARSessionConsume 获取并删除 PAR 会话（原子操作）

func (*RedisStorage) PARSessionSave ¶

func (r *RedisStorage) PARSessionSave(ctx context.Context, requestURI string, req *oidc.AuthorizeRequest, ttl time.Duration) error

PARSessionSave 保存 PAR 会话

func (*RedisStorage) RefreshTokenGet ¶

func (r *RedisStorage) RefreshTokenGet(ctx context.Context, tokenID oidc.Hash256) (*oidc.RefreshTokenSession, error)

func (*RedisStorage) RefreshTokenInvalidate ¶

func (r *RedisStorage) RefreshTokenInvalidate(ctx context.Context, tokenID oidc.Hash256) error

func (*RedisStorage) RefreshTokenRotate ¶

func (r *RedisStorage) RefreshTokenRotate(ctx context.Context, oldTokenID oidc.Hash256, newSession *oidc.RefreshTokenSession, gracePeriod time.Duration) error

RefreshTokenRotate 执行令牌轮换这是一个原子操作（通过 Pipeline），包含以下步骤： 1. 保存新的 Refresh Token 2. 标记旧 Token 进入宽限期 (设置 Sidecar Key) 3. 更新旧 Token 的 TTL 为宽限期时长 (使其在宽限期后自动销毁)

func (*RedisStorage) RefreshTokenSave ¶

func (r *RedisStorage) RefreshTokenSave(ctx context.Context, session *oidc.RefreshTokenSession, ttl time.Duration) error

func (*RedisStorage) RefreshTokensInvalidate ¶

func (r *RedisStorage) RefreshTokensInvalidate(ctx context.Context, tokenIDs []oidc.Hash256) error

func (*RedisStorage) Unlock ¶

func (r *RedisStorage) Unlock(ctx context.Context, key string) error

Unlock 释放分布式锁

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL