storage: add a method to create an OAuth 2.0 session for a client credentials grant

2025-07-29 22:01:14 +03:00 · 2023-09-04 18:30:51 +02:00
parent 8658a3400d
commit 00fe5f902b
9 changed files with 120 additions and 18 deletions
--- a/crates/storage/src/oauth2/session.rs
+++ b/crates/storage/src/oauth2/session.rs
@ -140,7 +140,7 @@ pub trait OAuth2SessionRepository: Send + Sync {
    /// Returns [`Self::Error`] if the underlying repository fails
    async fn lookup(&mut self, id: Ulid) -> Result<Option<Session>, Self::Error>;

-    /// Create a new [`Session`]
+    /// Create a new [`Session`] out of a [`Client`] and a [`BrowserSession`]
    ///
    /// Returns the newly created [`Session`]
    ///
@ -156,7 +156,7 @@ pub trait OAuth2SessionRepository: Send + Sync {
    /// # Errors
    ///
    /// Returns [`Self::Error`] if the underlying repository fails
-    async fn add(
+    async fn add_from_browser_session(
        &mut self,
        rng: &mut (dyn RngCore + Send),
        clock: &dyn Clock,
@ -165,6 +165,29 @@ pub trait OAuth2SessionRepository: Send + Sync {
        scope: Scope,
    ) -> Result<Session, Self::Error>;

+    /// Create a new [`Session`] for a [`Client`] using the client credentials
+    /// flow
+    ///
+    /// Returns the newly created [`Session`]
+    ///
+    /// # Parameters
+    ///
+    /// * `rng`: The random number generator to use
+    /// * `clock`: The clock used to generate timestamps
+    /// * `client`: The [`Client`] which created the [`Session`]
+    /// * `scope`: The [`Scope`] of the [`Session`]
+    ///
+    /// # Errors
+    ///
+    /// Returns [`Self::Error`] if the underlying repository fails
+    async fn add_from_client_credentials(
+        &mut self,
+        rng: &mut (dyn RngCore + Send),
+        clock: &dyn Clock,
+        client: &Client,
+        scope: Scope,
+    ) -> Result<Session, Self::Error>;
+
    /// Mark a [`Session`] as finished
    ///
    /// Returns the updated [`Session`]
@ -211,7 +234,7 @@ pub trait OAuth2SessionRepository: Send + Sync {
 repository_impl!(OAuth2SessionRepository:
    async fn lookup(&mut self, id: Ulid) -> Result<Option<Session>, Self::Error>;

-    async fn add(
+    async fn add_from_browser_session(
        &mut self,
        rng: &mut (dyn RngCore + Send),
        clock: &dyn Clock,
@ -220,6 +243,14 @@ repository_impl!(OAuth2SessionRepository:
        scope: Scope,
    ) -> Result<Session, Self::Error>;

+    async fn add_from_client_credentials(
+        &mut self,
+        rng: &mut (dyn RngCore + Send),
+        clock: &dyn Clock,
+        client: &Client,
+        scope: Scope,
+    ) -> Result<Session, Self::Error>;
+
    async fn finish(&mut self, clock: &dyn Clock, session: Session)
        -> Result<Session, Self::Error>;