package command
import (
"context"
"github.com/zitadel/zitadel/internal/domain"
"github.com/zitadel/zitadel/internal/eventstore"
"github.com/zitadel/zitadel/internal/repository/user"
"github.com/zitadel/zitadel/internal/zerrors"
)
// RevokeRefreshToken revokes a single refresh token of a user and returns the
// object details derived from the updated write model.
//
// The removal event is built by removeRefreshToken (which rejects empty IDs and
// tokens whose write model is not in the active state), pushed to the
// eventstore, and then reduced back into the write model so the returned
// details reflect the pushed event.
//
// NOTE(review): no permission check on userID/orgID is visible in this
// function; confirm that callers authorize the request before invoking it.
func (c *Commands) RevokeRefreshToken(ctx context.Context, userID, orgID, tokenID string) (*domain.ObjectDetails, error) {
	cmd, model, err := c.removeRefreshToken(ctx, userID, orgID, tokenID)
	if err != nil {
		return nil, err
	}

	pushed, err := c.eventstore.Push(ctx, cmd)
	if err != nil {
		return nil, err
	}

	// Fold the pushed events into the write model before deriving the details.
	if err := AppendAndReduce(model, pushed...); err != nil {
		return nil, err
	}
	return writeModelToObjectDetails(&model.WriteModel), nil
}
// RevokeRefreshTokens revokes several refresh tokens of one user with a single
// eventstore push.
//
// An empty tokenIDs slice is rejected with an invalid-argument error. Each ID
// is validated through removeRefreshToken before anything is pushed: the first
// failing ID (empty, or not in the active state) aborts the call, so in that
// case none of the listed tokens is revoked. Callers that use this for bulk
// revocation should treat an error as "nothing was revoked" and retry without
// the offending ID.
//
// NOTE(review): IDs are not de-duplicated here; a repeated ID is validated
// against the same stored state and yields a second removal event — confirm
// that is acceptable. No permission check is visible in this function either;
// confirm callers authorize the request.
func (c *Commands) RevokeRefreshTokens(ctx context.Context, userID, orgID string, tokenIDs []string) (err error) {
	if len(tokenIDs) == 0 {
		return zerrors.ThrowInvalidArgument(nil, "COMMAND-Gfj42", "Errors.IDMissing")
	}

	cmds := make([]eventstore.Command, 0, len(tokenIDs))
	for _, id := range tokenIDs {
		cmd, _, buildErr := c.removeRefreshToken(ctx, userID, orgID, id)
		if buildErr != nil {
			// Abort before Push: no removal event has been written yet.
			return buildErr
		}
		cmds = append(cmds, cmd)
	}

	_, err = c.eventstore.Push(ctx, cmds...)
	return err
}
// removeRefreshToken validates the request and builds, but does not push, the
// removal event for one refresh token. It returns the event together with the
// write model it was validated against.
//
// It fails with an invalid-argument error when any of userID, orgID or tokenID
// is empty, and with a not-found error when the loaded write model's UserState
// is anything other than domain.UserStateActive. Every non-active state maps to
// the same not-found error.
//
// NOTE(review): the state field is named UserState; whether it also reflects
// the token's own removal or expiry depends on HumanRefreshTokenWriteModel,
// which is not visible here — confirm.
func (c *Commands) removeRefreshToken(ctx context.Context, userID, orgID, tokenID string) (*user.HumanRefreshTokenRemovedEvent, *HumanRefreshTokenWriteModel, error) {
	// All three identifiers are mandatory.
	for _, id := range []string{userID, orgID, tokenID} {
		if id == "" {
			return nil, nil, zerrors.ThrowInvalidArgument(nil, "COMMAND-GVDgf", "Errors.IDMissing")
		}
	}

	model := NewHumanRefreshTokenWriteModel(userID, orgID, tokenID)
	if err := c.eventstore.FilterToQueryReducer(ctx, model); err != nil {
		return nil, nil, err
	}

	// Only a write model in the active state may produce a removal event.
	if model.UserState != domain.UserStateActive {
		return nil, nil, zerrors.ThrowNotFound(nil, "COMMAND-BHt2w", "Errors.User.RefreshToken.NotFound")
	}

	aggregate := UserAggregateFromWriteModel(&model.WriteModel)
	removed := user.NewHumanRefreshTokenRemovedEvent(ctx, aggregate, tokenID)
	return removed, model, nil
}