68 lines
1.5 KiB
JavaScript
68 lines
1.5 KiB
JavaScript
import Base from './base.js';
|
|
import User from './user.js';
|
|
|
|
class AccessToken extends Base {
|
|
static tableName = 'access_tokens';
|
|
|
|
static jsonSchema = {
|
|
type: 'object',
|
|
required: ['token', 'expiresIn'],
|
|
|
|
properties: {
|
|
id: { type: 'string', format: 'uuid' },
|
|
userId: { type: 'string', format: 'uuid' },
|
|
token: { type: 'string', minLength: 32 },
|
|
samlSessionId: { type: ['string', 'null'] },
|
|
expiresIn: { type: 'integer' },
|
|
revokedAt: { type: ['string', 'null'], format: 'date-time' },
|
|
},
|
|
};
|
|
|
|
static relationMappings = () => ({
|
|
user: {
|
|
relation: Base.BelongsToOneRelation,
|
|
modelClass: User,
|
|
join: {
|
|
from: 'access_tokens.user_id',
|
|
to: 'users.id',
|
|
},
|
|
},
|
|
});
|
|
|
|
async terminateRemoteSamlSession() {
|
|
if (!this.samlSessionId) {
|
|
return;
|
|
}
|
|
|
|
const user = await this.$relatedQuery('user');
|
|
|
|
const firstIdentity = await user.$relatedQuery('identities').first();
|
|
|
|
const samlAuthProvider = await firstIdentity
|
|
.$relatedQuery('samlAuthProvider')
|
|
.throwIfNotFound();
|
|
|
|
const response = await samlAuthProvider.terminateRemoteSession(
|
|
this.samlSessionId
|
|
);
|
|
|
|
return response;
|
|
}
|
|
|
|
async revoke() {
|
|
const response = await this.$query().patch({
|
|
revokedAt: new Date().toISOString(),
|
|
});
|
|
|
|
try {
|
|
await this.terminateRemoteSamlSession();
|
|
} catch (error) {
|
|
// TODO: should it silently fail or not?
|
|
}
|
|
|
|
return response;
|
|
}
|
|
}
|
|
|
|
export default AccessToken;
|