feat: refresh token (#1728)

* begin refresh tokens * refresh tokens * list and revoke refresh tokens * handle remove * tests for refresh tokens * uniqueness and default expiration * rename oidc token methods * cleanup * migration version * Update internal/static/i18n/en.yaml Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> * fixes * feat: update oidc pkg for refresh tokens Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
2025-08-11 19:17:32 +00:00 · 2021-05-20 13:33:35 +02:00
parent bc21eeb114
commit ec5020bebc
36 changed files with 2732 additions and 55 deletions
--- a/internal/user/model/refresh_token.go
+++ b/internal/user/model/refresh_token.go
@@ -0,0 +1,18 @@
+package model
+
+import (
+	es_models "github.com/caos/zitadel/internal/eventstore/v1/models"
+	"time"
+)
+
+type RefreshToken struct {
+	es_models.ObjectRoot
+
+	TokenID           string
+	ApplicationID     string
+	UserAgentID       string
+	Audience          []string
+	Expiration        time.Time
+	Scopes            []string
+	PreferredLanguage string
+}
--- a/internal/user/model/refresh_token_view.go
+++ b/internal/user/model/refresh_token_view.go
@@ -0,0 +1,71 @@
+package model
+
+import (
+	"github.com/caos/zitadel/internal/domain"
+	caos_errors "github.com/caos/zitadel/internal/errors"
+
+	"time"
+)
+
+type RefreshTokenView struct {
+	ID                    string
+	CreationDate          time.Time
+	ChangeDate            time.Time
+	ResourceOwner         string
+	UserID                string
+	ClientID              string
+	UserAgentID           string
+	AuthMethodsReferences []string
+	Audience              []string
+	AuthTime              time.Time
+	IdleExpiration        time.Time
+	Expiration            time.Time
+	Scopes                []string
+	Sequence              uint64
+	Token                 string
+}
+
+type RefreshTokenSearchRequest struct {
+	Offset        uint64
+	Limit         uint64
+	SortingColumn RefreshTokenSearchKey
+	Asc           bool
+	Queries       []*RefreshTokenSearchQuery
+}
+
+type RefreshTokenSearchKey int32
+
+const (
+	RefreshTokenSearchKeyUnspecified RefreshTokenSearchKey = iota
+	RefreshTokenSearchKeyRefreshTokenID
+	RefreshTokenSearchKeyUserID
+	RefreshTokenSearchKeyApplicationID
+	RefreshTokenSearchKeyUserAgentID
+	RefreshTokenSearchKeyExpiration
+	RefreshTokenSearchKeyResourceOwner
+)
+
+type RefreshTokenSearchQuery struct {
+	Key    RefreshTokenSearchKey
+	Method domain.SearchMethod
+	Value  interface{}
+}
+
+type RefreshTokenSearchResponse struct {
+	Offset      uint64
+	Limit       uint64
+	TotalResult uint64
+	Sequence    uint64
+	Timestamp   time.Time
+	Result      []*RefreshTokenView
+}
+
+func (r *RefreshTokenSearchRequest) EnsureLimit(limit uint64) error {
+	if r.Limit > limit {
+		return caos_errors.ThrowInvalidArgument(nil, "SEARCH-M0fse", "Errors.Limit.ExceedsDefault")
+	}
+	if r.Limit == 0 {
+		r.Limit = limit
+	}
+	return nil
+}