storage: do less joins on authorization grants and refresh tokens

2025-07-31 09:24:31 +03:00 · 2023-01-05 16:49:19 +01:00
parent 603a26eabd
commit fb7c6f4dd1
7 changed files with 140 additions and 149 deletions
--- a/crates/data-model/src/oauth2/authorization_grant.rs
+++ b/crates/data-model/src/oauth2/authorization_grant.rs
@ -63,11 +63,11 @@ pub enum AuthorizationGrantStage {
    #[default]
    Pending,
    Fulfilled {
-        session: Session,
+        session_id: Ulid,
        fulfilled_at: DateTime<Utc>,
    },
    Exchanged {
-        session: Session,
+        session_id: Ulid,
        fulfilled_at: DateTime<Utc>,
        exchanged_at: DateTime<Utc>,
    },
@ -85,12 +85,12 @@ impl AuthorizationGrantStage {
    pub fn fulfill(
        self,
        fulfilled_at: DateTime<Utc>,
-        session: Session,
+        session: &Session,
    ) -> Result<Self, InvalidTransitionError> {
        match self {
            Self::Pending => Ok(Self::Fulfilled {
                fulfilled_at,
-                session,
+                session_id: session.id,
            }),
            _ => Err(InvalidTransitionError),
        }
@ -100,11 +100,11 @@ impl AuthorizationGrantStage {
        match self {
            Self::Fulfilled {
                fulfilled_at,
-                session,
+                session_id,
            } => Ok(Self::Exchanged {
                fulfilled_at,
                exchanged_at,
-                session,
+                session_id,
            }),
            _ => Err(InvalidTransitionError),
        }
--- a/crates/data-model/src/tokens.rs
+++ b/crates/data-model/src/tokens.rs
@ -33,7 +33,7 @@ pub struct RefreshToken {
    pub id: Ulid,
    pub refresh_token: String,
    pub created_at: DateTime<Utc>,
-    pub access_token: Option<AccessToken>,
+    pub access_token_id: Option<Ulid>,
 }

 /// Type of token to generate or validate