mirror of
https://github.com/netbirdio/dex.git
synced 2026-05-22 18:43:53 -07:00
Maksim Nabokikh
69 lines
1.5 KiB
Go
69 lines
1.5 KiB
Go
package session
|
|
|
|
import "sync"
|
|
|
|
// UserClaims holds basic user identity claims from an ID token.
|
|
type UserClaims struct {
|
|
Subject string `json:"sub"`
|
|
Name string `json:"name"`
|
|
Email string `json:"email"`
|
|
PreferredUsername string `json:"preferred_username"`
|
|
}
|
|
|
|
// AuthState holds the authenticated user's state.
|
|
type AuthState struct {
|
|
Claims *UserClaims
|
|
IDToken string
|
|
Checked bool
|
|
}
|
|
|
|
// AuthStore manages the application's authentication session state.
|
|
type AuthStore interface {
|
|
// Set stores authenticated user claims and the raw ID token,
|
|
// and marks the session as checked.
|
|
Set(claims *UserClaims, rawIDToken string)
|
|
|
|
// Get returns the current authentication session state.
|
|
Get() AuthState
|
|
|
|
// Clear resets the session and returns the last raw ID token (for logout).
|
|
Clear() string
|
|
}
|
|
|
|
// memoryAuthStore is an in-memory AuthStore.
|
|
type memoryAuthStore struct {
|
|
mu sync.RWMutex
|
|
state AuthState
|
|
}
|
|
|
|
// NewMemoryAuthStore creates an in-memory AuthStore.
|
|
func NewMemoryAuthStore() AuthStore {
|
|
return &memoryAuthStore{}
|
|
}
|
|
|
|
func (s *memoryAuthStore) Set(claims *UserClaims, rawIDToken string) {
|
|
s.mu.Lock()
|
|
defer s.mu.Unlock()
|
|
|
|
s.state.Claims = claims
|
|
if rawIDToken != "" {
|
|
s.state.IDToken = rawIDToken
|
|
}
|
|
s.state.Checked = true
|
|
}
|
|
|
|
func (s *memoryAuthStore) Get() AuthState {
|
|
s.mu.RLock()
|
|
defer s.mu.RUnlock()
|
|
return s.state
|
|
}
|
|
|
|
func (s *memoryAuthStore) Clear() string {
|
|
s.mu.Lock()
|
|
defer s.mu.Unlock()
|
|
|
|
idToken := s.state.IDToken
|
|
s.state = AuthState{}
|
|
return idToken
|
|
}
|