zitadel/internal/user/repository/view/refresh_token_view.go

package view

import (
	"github.com/jinzhu/gorm"

	"github.com/zitadel/zitadel/internal/domain"
	"github.com/zitadel/zitadel/internal/errors"
	"github.com/zitadel/zitadel/internal/user/model"
	usr_model "github.com/zitadel/zitadel/internal/user/repository/view/model"
	"github.com/zitadel/zitadel/internal/view/repository"
)

func RefreshTokenByID(db *gorm.DB, table, tokenID, instanceID string) (*usr_model.RefreshTokenView, error) {
	token := new(usr_model.RefreshTokenView)
	query := repository.PrepareGetByQuery(table,
		&usr_model.RefreshTokenSearchQuery{Key: model.RefreshTokenSearchKeyRefreshTokenID, Method: domain.SearchMethodEquals, Value: tokenID},
		&usr_model.RefreshTokenSearchQuery{Key: model.RefreshTokenSearchKeyInstanceID, Method: domain.SearchMethodEquals, Value: instanceID},
	)
	err := query(db, token)
	if errors.IsNotFound(err) {
		return nil, errors.ThrowNotFound(nil, "VIEW-6ub3p", "Errors.RefreshToken.NotFound")
	}
	return token, err
}

func RefreshTokensByUserID(db *gorm.DB, table, userID, instanceID string) ([]*usr_model.RefreshTokenView, error) {
	tokens := make([]*usr_model.RefreshTokenView, 0)
	userIDQuery := &model.RefreshTokenSearchQuery{
		Key:    model.RefreshTokenSearchKeyUserID,
		Method: domain.SearchMethodEquals,
		Value:  userID,
	}
	instanceIDQuery := &model.RefreshTokenSearchQuery{
		Key:    model.RefreshTokenSearchKeyInstanceID,
		Method: domain.SearchMethodEquals,
		Value:  instanceID,
	}
	query := repository.PrepareSearchQuery(table, usr_model.RefreshTokenSearchRequest{
		Queries: []*model.RefreshTokenSearchQuery{userIDQuery, instanceIDQuery},
	})
	_, err := query(db, &tokens)
	return tokens, err
}

func PutRefreshToken(db *gorm.DB, table string, token *usr_model.RefreshTokenView) error {
	save := repository.PrepareSaveOnConflict(table,
		[]string{"client_id", "user_agent_id", "user_id"},
		[]string{"id", "creation_date", "change_date", "token", "auth_time", "idle_expiration", "expiration", "sequence", "scopes", "audience", "amr"},
	)
	return save(db, token)
}

func PutRefreshTokens(db *gorm.DB, table string, tokens ...*usr_model.RefreshTokenView) error {
	save := repository.PrepareBulkSave(table)
	t := make([]interface{}, len(tokens))
	for i, token := range tokens {
		t[i] = token
	}
	return save(db, t...)
}

func SearchRefreshTokens(db *gorm.DB, table string, req *model.RefreshTokenSearchRequest) ([]*usr_model.RefreshTokenView, uint64, error) {
	tokens := make([]*usr_model.RefreshTokenView, 0)
	query := repository.PrepareSearchQuery(table, usr_model.RefreshTokenSearchRequest{Limit: req.Limit, Offset: req.Offset, Queries: req.Queries})
	count, err := query(db, &tokens)
	return tokens, count, err
}

func DeleteRefreshToken(db *gorm.DB, table, tokenID, instanceID string) error {
	delete := repository.PrepareDeleteByKeys(table,
		repository.Key{usr_model.RefreshTokenSearchKey(model.RefreshTokenSearchKeyRefreshTokenID), tokenID},
		repository.Key{usr_model.RefreshTokenSearchKey(model.RefreshTokenSearchKeyInstanceID), instanceID},
	)
	return delete(db)
}

func DeleteSessionRefreshTokens(db *gorm.DB, table, agentID, userID string) error {
	delete := repository.PrepareDeleteByKeys(table,
		repository.Key{Key: usr_model.RefreshTokenSearchKey(model.RefreshTokenSearchKeyUserAgentID), Value: agentID},
		repository.Key{Key: usr_model.RefreshTokenSearchKey(model.RefreshTokenSearchKeyUserID), Value: userID},
	)
	return delete(db)
}

func DeleteUserRefreshTokens(db *gorm.DB, table, userID, instanceID string) error {
	delete := repository.PrepareDeleteByKeys(table,
		repository.Key{usr_model.RefreshTokenSearchKey(model.RefreshTokenSearchKeyUserID), userID},
		repository.Key{usr_model.RefreshTokenSearchKey(model.RefreshTokenSearchKeyInstanceID), instanceID},
	)
	return delete(db)
}

func DeleteApplicationRefreshTokens(db *gorm.DB, table string, instanceID string, appIDs []string) error {
	delete := repository.PrepareDeleteByKeys(table,
		repository.Key{Key: usr_model.RefreshTokenSearchKey(model.RefreshTokenSearchKeyInstanceID), Value: instanceID},
		repository.Key{Key: usr_model.RefreshTokenSearchKey(model.RefreshTokenSearchKeyApplicationID), Value: appIDs},
	)
	return delete(db)
}

func DeleteOrgRefreshTokens(db *gorm.DB, table string, instanceID, orgID string) error {
	delete := repository.PrepareDeleteByKeys(table,
		repository.Key{Key: usr_model.RefreshTokenSearchKey(model.RefreshTokenSearchKeyInstanceID), Value: instanceID},
		repository.Key{Key: usr_model.RefreshTokenSearchKey(model.RefreshTokenSearchKeyResourceOwner), Value: orgID},
	)
	return delete(db)
}

func DeleteInstanceRefreshTokens(db *gorm.DB, table string, instanceID string) error {
	delete := repository.PrepareDeleteByKey(table,
		usr_model.RefreshTokenSearchKey(model.RefreshTokenSearchKeyInstanceID),
		instanceID,
	)
	return delete(db)
}
feat: refresh token (#1728) * begin refresh tokens * refresh tokens * list and revoke refresh tokens * handle remove * tests for refresh tokens * uniqueness and default expiration * rename oidc token methods * cleanup * migration version * Update internal/static/i18n/en.yaml Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> * fixes * feat: update oidc pkg for refresh tokens Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> 2021-05-20 11:33:35 +00:00			`package view`

			`import (`
fix: access tokens for service users and refresh token infos (#1779) * fix: access token for service user * handle info from refresh request * uniqueness * postpone access token uniqueness change 2021-05-26 07:01:07 +00:00			`"github.com/jinzhu/gorm"`

chore(v2): move to new org (#3499) * chore: move to new org * logging * fix: org rename caos -> zitadel Co-authored-by: adlerhurst <silvan.reusser@gmail.com> 2022-04-26 23:01:45 +00:00			`"github.com/zitadel/zitadel/internal/domain"`
			`"github.com/zitadel/zitadel/internal/errors"`
			`"github.com/zitadel/zitadel/internal/user/model"`
			`usr_model "github.com/zitadel/zitadel/internal/user/repository/view/model"`
			`"github.com/zitadel/zitadel/internal/view/repository"`
feat: refresh token (#1728) * begin refresh tokens * refresh tokens * list and revoke refresh tokens * handle remove * tests for refresh tokens * uniqueness and default expiration * rename oidc token methods * cleanup * migration version * Update internal/static/i18n/en.yaml Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> * fixes * feat: update oidc pkg for refresh tokens Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> 2021-05-20 11:33:35 +00:00			`)`

feat: handle instanceID in projections (#3442) * feat: handle instanceID in projections * rename functions * fix key lock * fix import 2022-04-19 06:26:12 +00:00			`func RefreshTokenByID(db gorm.DB, table, tokenID, instanceID string) (usr_model.RefreshTokenView, error) {`
feat: refresh token (#1728) * begin refresh tokens * refresh tokens * list and revoke refresh tokens * handle remove * tests for refresh tokens * uniqueness and default expiration * rename oidc token methods * cleanup * migration version * Update internal/static/i18n/en.yaml Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> * fixes * feat: update oidc pkg for refresh tokens Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> 2021-05-20 11:33:35 +00:00			`token := new(usr_model.RefreshTokenView)`
feat: handle instanceID in projections (#3442) * feat: handle instanceID in projections * rename functions * fix key lock * fix import 2022-04-19 06:26:12 +00:00			`query := repository.PrepareGetByQuery(table,`
			`&usr_model.RefreshTokenSearchQuery{Key: model.RefreshTokenSearchKeyRefreshTokenID, Method: domain.SearchMethodEquals, Value: tokenID},`
			`&usr_model.RefreshTokenSearchQuery{Key: model.RefreshTokenSearchKeyInstanceID, Method: domain.SearchMethodEquals, Value: instanceID},`
			`)`
feat: refresh token (#1728) * begin refresh tokens * refresh tokens * list and revoke refresh tokens * handle remove * tests for refresh tokens * uniqueness and default expiration * rename oidc token methods * cleanup * migration version * Update internal/static/i18n/en.yaml Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> * fixes * feat: update oidc pkg for refresh tokens Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> 2021-05-20 11:33:35 +00:00			`err := query(db, token)`
			`if errors.IsNotFound(err) {`
			`return nil, errors.ThrowNotFound(nil, "VIEW-6ub3p", "Errors.RefreshToken.NotFound")`
			`}`
			`return token, err`
			`}`

feat: handle instanceID in projections (#3442) * feat: handle instanceID in projections * rename functions * fix key lock * fix import 2022-04-19 06:26:12 +00:00			`func RefreshTokensByUserID(db gorm.DB, table, userID, instanceID string) ([]usr_model.RefreshTokenView, error) {`
feat: refresh token (#1728) * begin refresh tokens * refresh tokens * list and revoke refresh tokens * handle remove * tests for refresh tokens * uniqueness and default expiration * rename oidc token methods * cleanup * migration version * Update internal/static/i18n/en.yaml Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> * fixes * feat: update oidc pkg for refresh tokens Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> 2021-05-20 11:33:35 +00:00			`tokens := make([]*usr_model.RefreshTokenView, 0)`
			`userIDQuery := &model.RefreshTokenSearchQuery{`
			`Key: model.RefreshTokenSearchKeyUserID,`
			`Method: domain.SearchMethodEquals,`
			`Value: userID,`
			`}`
feat: handle instanceID in projections (#3442) * feat: handle instanceID in projections * rename functions * fix key lock * fix import 2022-04-19 06:26:12 +00:00			`instanceIDQuery := &model.RefreshTokenSearchQuery{`
			`Key: model.RefreshTokenSearchKeyInstanceID,`
			`Method: domain.SearchMethodEquals,`
			`Value: instanceID,`
			`}`
feat: refresh token (#1728) * begin refresh tokens * refresh tokens * list and revoke refresh tokens * handle remove * tests for refresh tokens * uniqueness and default expiration * rename oidc token methods * cleanup * migration version * Update internal/static/i18n/en.yaml Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> * fixes * feat: update oidc pkg for refresh tokens Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> 2021-05-20 11:33:35 +00:00			`query := repository.PrepareSearchQuery(table, usr_model.RefreshTokenSearchRequest{`
feat: handle instanceID in projections (#3442) * feat: handle instanceID in projections * rename functions * fix key lock * fix import 2022-04-19 06:26:12 +00:00			`Queries: []*model.RefreshTokenSearchQuery{userIDQuery, instanceIDQuery},`
feat: refresh token (#1728) * begin refresh tokens * refresh tokens * list and revoke refresh tokens * handle remove * tests for refresh tokens * uniqueness and default expiration * rename oidc token methods * cleanup * migration version * Update internal/static/i18n/en.yaml Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> * fixes * feat: update oidc pkg for refresh tokens Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> 2021-05-20 11:33:35 +00:00			`})`
			`_, err := query(db, &tokens)`
			`return tokens, err`
			`}`

			`func PutRefreshToken(db gorm.DB, table string, token usr_model.RefreshTokenView) error {`
fix: access tokens for service users and refresh token infos (#1779) * fix: access token for service user * handle info from refresh request * uniqueness * postpone access token uniqueness change 2021-05-26 07:01:07 +00:00			`save := repository.PrepareSaveOnConflict(table,`
			`[]string{"client_id", "user_agent_id", "user_id"},`
			`[]string{"id", "creation_date", "change_date", "token", "auth_time", "idle_expiration", "expiration", "sequence", "scopes", "audience", "amr"},`
			`)`
feat: refresh token (#1728) * begin refresh tokens * refresh tokens * list and revoke refresh tokens * handle remove * tests for refresh tokens * uniqueness and default expiration * rename oidc token methods * cleanup * migration version * Update internal/static/i18n/en.yaml Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> * fixes * feat: update oidc pkg for refresh tokens Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> 2021-05-20 11:33:35 +00:00			`return save(db, token)`
			`}`

			`func PutRefreshTokens(db gorm.DB, table string, tokens ...usr_model.RefreshTokenView) error {`
			`save := repository.PrepareBulkSave(table)`
			`t := make([]interface{}, len(tokens))`
			`for i, token := range tokens {`
			`t[i] = token`
			`}`
			`return save(db, t...)`
			`}`

			`func SearchRefreshTokens(db gorm.DB, table string, req model.RefreshTokenSearchRequest) ([]*usr_model.RefreshTokenView, uint64, error) {`
			`tokens := make([]*usr_model.RefreshTokenView, 0)`
			`query := repository.PrepareSearchQuery(table, usr_model.RefreshTokenSearchRequest{Limit: req.Limit, Offset: req.Offset, Queries: req.Queries})`
			`count, err := query(db, &tokens)`
			`return tokens, count, err`
			`}`

feat: handle instanceID in projections (#3442) * feat: handle instanceID in projections * rename functions * fix key lock * fix import 2022-04-19 06:26:12 +00:00			`func DeleteRefreshToken(db *gorm.DB, table, tokenID, instanceID string) error {`
			`delete := repository.PrepareDeleteByKeys(table,`
			`repository.Key{usr_model.RefreshTokenSearchKey(model.RefreshTokenSearchKeyRefreshTokenID), tokenID},`
			`repository.Key{usr_model.RefreshTokenSearchKey(model.RefreshTokenSearchKeyInstanceID), instanceID},`
			`)`
feat: refresh token (#1728) * begin refresh tokens * refresh tokens * list and revoke refresh tokens * handle remove * tests for refresh tokens * uniqueness and default expiration * rename oidc token methods * cleanup * migration version * Update internal/static/i18n/en.yaml Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> * fixes * feat: update oidc pkg for refresh tokens Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> 2021-05-20 11:33:35 +00:00			`return delete(db)`
			`}`

			`func DeleteSessionRefreshTokens(db *gorm.DB, table, agentID, userID string) error {`
			`delete := repository.PrepareDeleteByKeys(table,`
			`repository.Key{Key: usr_model.RefreshTokenSearchKey(model.RefreshTokenSearchKeyUserAgentID), Value: agentID},`
			`repository.Key{Key: usr_model.RefreshTokenSearchKey(model.RefreshTokenSearchKeyUserID), Value: userID},`
			`)`
			`return delete(db)`
			`}`

feat: handle instanceID in projections (#3442) * feat: handle instanceID in projections * rename functions * fix key lock * fix import 2022-04-19 06:26:12 +00:00			`func DeleteUserRefreshTokens(db *gorm.DB, table, userID, instanceID string) error {`
			`delete := repository.PrepareDeleteByKeys(table,`
			`repository.Key{usr_model.RefreshTokenSearchKey(model.RefreshTokenSearchKeyUserID), userID},`
			`repository.Key{usr_model.RefreshTokenSearchKey(model.RefreshTokenSearchKeyInstanceID), instanceID},`
			`)`
feat: refresh token (#1728) * begin refresh tokens * refresh tokens * list and revoke refresh tokens * handle remove * tests for refresh tokens * uniqueness and default expiration * rename oidc token methods * cleanup * migration version * Update internal/static/i18n/en.yaml Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> * fixes * feat: update oidc pkg for refresh tokens Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> 2021-05-20 11:33:35 +00:00			`return delete(db)`
			`}`

feat: remove org (#4148) * feat(command): remove org * refactor: imports, unused code, error handling * reduce org removed in action * add org deletion to projections * add org removal to projections * add org removal to projections * org removed projection * lint import * projections * fix: table names in tests * fix: table names in tests * logging * add org state * fix(domain): add Owner removed to object details * feat(ListQuery): add with owner removed * fix(org-delete): add bool to functions to select with owner removed * fix(org-delete): add bools to user grants with events to determine if dependencies lost owner * fix(org-delete): add unit tests for owner removed and org removed events * fix(org-delete): add handling of org remove for grants and members * fix(org-delete): correction of unit tests for owner removed * fix(org-delete): update projections, unit tests and get functions * fix(org-delete): add change date to authnkeys and owner removed to org metadata * fix(org-delete): include owner removed for login names * fix(org-delete): some column fixes in projections and build for queries with owner removed * indexes * fix(org-delete): include review changes * fix(org-delete): change user projection name after merge * fix(org-delete): include review changes for project grant where no project owner is necessary * fix(org-delete): include auth and adminapi tables with owner removed information * fix(org-delete): cleanup username and orgdomain uniqueconstraints when org is removed * fix(org-delete): add permissions for org.remove * remove unnecessary unique constraints * fix column order in primary keys * fix(org-delete): include review changes * fix(org-delete): add owner removed indexes and chang setup step to create tables * fix(org-delete): move PK order of instance_id and change added user_grant from review * fix(org-delete): no params for prepareUserQuery * change to step 6 * merge main * fix(org-delete): OldUserName rename to private * fix linting * cleanup * fix: remove org test * create prerelease * chore: delete org-delete as prerelease Co-authored-by: Stefan Benz <stefan@caos.ch> Co-authored-by: Livio Spring <livio.a@gmail.com> Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com> Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com> 2022-11-30 16:01:17 +00:00			`func DeleteApplicationRefreshTokens(db *gorm.DB, table string, instanceID string, appIDs []string) error {`
			`delete := repository.PrepareDeleteByKeys(table,`
			`repository.Key{Key: usr_model.RefreshTokenSearchKey(model.RefreshTokenSearchKeyInstanceID), Value: instanceID},`
			`repository.Key{Key: usr_model.RefreshTokenSearchKey(model.RefreshTokenSearchKeyApplicationID), Value: appIDs},`
			`)`
			`return delete(db)`
			`}`

			`func DeleteOrgRefreshTokens(db *gorm.DB, table string, instanceID, orgID string) error {`
			`delete := repository.PrepareDeleteByKeys(table,`
			`repository.Key{Key: usr_model.RefreshTokenSearchKey(model.RefreshTokenSearchKeyInstanceID), Value: instanceID},`
			`repository.Key{Key: usr_model.RefreshTokenSearchKey(model.RefreshTokenSearchKeyResourceOwner), Value: orgID},`
			`)`
feat: refresh token (#1728) * begin refresh tokens * refresh tokens * list and revoke refresh tokens * handle remove * tests for refresh tokens * uniqueness and default expiration * rename oidc token methods * cleanup * migration version * Update internal/static/i18n/en.yaml Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> * fixes * feat: update oidc pkg for refresh tokens Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> 2021-05-20 11:33:35 +00:00			`return delete(db)`
			`}`
fix: instance remove (#4602) 2022-10-26 13:06:48 +00:00
			`func DeleteInstanceRefreshTokens(db *gorm.DB, table string, instanceID string) error {`
feat: remove org (#4148) * feat(command): remove org * refactor: imports, unused code, error handling * reduce org removed in action * add org deletion to projections * add org removal to projections * add org removal to projections * org removed projection * lint import * projections * fix: table names in tests * fix: table names in tests * logging * add org state * fix(domain): add Owner removed to object details * feat(ListQuery): add with owner removed * fix(org-delete): add bool to functions to select with owner removed * fix(org-delete): add bools to user grants with events to determine if dependencies lost owner * fix(org-delete): add unit tests for owner removed and org removed events * fix(org-delete): add handling of org remove for grants and members * fix(org-delete): correction of unit tests for owner removed * fix(org-delete): update projections, unit tests and get functions * fix(org-delete): add change date to authnkeys and owner removed to org metadata * fix(org-delete): include owner removed for login names * fix(org-delete): some column fixes in projections and build for queries with owner removed * indexes * fix(org-delete): include review changes * fix(org-delete): change user projection name after merge * fix(org-delete): include review changes for project grant where no project owner is necessary * fix(org-delete): include auth and adminapi tables with owner removed information * fix(org-delete): cleanup username and orgdomain uniqueconstraints when org is removed * fix(org-delete): add permissions for org.remove * remove unnecessary unique constraints * fix column order in primary keys * fix(org-delete): include review changes * fix(org-delete): add owner removed indexes and chang setup step to create tables * fix(org-delete): move PK order of instance_id and change added user_grant from review * fix(org-delete): no params for prepareUserQuery * change to step 6 * merge main * fix(org-delete): OldUserName rename to private * fix linting * cleanup * fix: remove org test * create prerelease * chore: delete org-delete as prerelease Co-authored-by: Stefan Benz <stefan@caos.ch> Co-authored-by: Livio Spring <livio.a@gmail.com> Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com> Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com> 2022-11-30 16:01:17 +00:00			`delete := repository.PrepareDeleteByKey(table,`
			`usr_model.RefreshTokenSearchKey(model.RefreshTokenSearchKeyInstanceID),`
			`instanceID,`
			`)`
fix: instance remove (#4602) 2022-10-26 13:06:48 +00:00			`return delete(db)`
			`}`