
2 Commits

Author SHA1 Message Date
0db54e0268 feat: update service session on refresh 2025-06-15 21:13:33 +02:00
b3ef96a0ce feat: update service session's tokens 2025-06-15 21:13:23 +02:00
3 changed files with 61 additions and 0 deletions


@ -269,6 +269,26 @@ func (h *OAuthHandler) tokenEndpoint(w http.ResponseWriter, r *http.Request) {
return return
} }
refreshJTI, err := uuid.Parse(claims.ID)
if err != nil {
log.Printf("ERR: Failed to parse refresh token JTI as uuid: %v\n", err)
web.Error(w, "failed to refresh token", http.StatusInternalServerError)
return
}
session, err := h.repo.GetServiceSessionByRefreshJTI(r.Context(), &refreshJTI)
if err != nil {
log.Printf("ERR: Failed to find session by '%s' refresh jti: %v\n", refreshJTI.String(), err)
web.Error(w, "session invalid", http.StatusUnauthorized)
return
}
if !session.IsActive {
log.Printf("INFO: Session with id '%s' is not active", session.ID.String())
web.Error(w, "session ended", http.StatusUnauthorized)
return
}
userID, err := uuid.Parse(claims.UserID) userID, err := uuid.Parse(claims.UserID)
if err != nil { if err != nil {
web.Error(w, "invalid user credentials in refresh token", http.StatusBadRequest) web.Error(w, "invalid user credentials in refresh token", http.StatusBadRequest)
@ -284,6 +304,17 @@ func (h *OAuthHandler) tokenEndpoint(w http.ResponseWriter, r *http.Request) {
id, access, refresh, err := h.signApiTokens(&user, &apiService, nil) id, access, refresh, err := h.signApiTokens(&user, &apiService, nil)
if err := h.repo.UpdateServiceSessionTokens(r.Context(), repository.UpdateServiceSessionTokensParams{
ID: session.ID,
AccessTokenID: &access.ID,
RefreshTokenID: &refresh.ID,
ExpiresAt: &refresh.ExpiresAt,
}); err != nil {
log.Printf("ERR: Failed to update service session with '%s' id: %v\n", session.ID.String(), err)
web.Error(w, "failed to update session", http.StatusInternalServerError)
return
}
type Response struct { type Response struct {
IdToken string `json:"id_token"` IdToken string `json:"id_token"`
TokenType string `json:"token_type"` TokenType string `json:"token_type"`
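Review bot: In the second hunk the error returned by `h.signApiTokens` is not checked before the added block reads `access.ID`, `refresh.ID` and `refresh.ExpiresAt`; the new `if err := h.repo.UpdateServiceSessionTokens(...)` declares its own `err`, so the signing error is also shadowed inside that statement. If signing fails, the session row could be updated with zero-value token ids, or the handler could panic if `access`/`refresh` are pointers. A guard directly after the call and before the session update, `if err != nil { web.Error(w, "failed to sign tokens", http.StatusInternalServerError); return }`, would close this, unless a check exists in lines the hunk does not show. Separately, in the first hunk a refresh-token JTI that fails `uuid.Parse` is answered with 500 although the value comes from the client's token; 400 or 401 would match the neighbouring checks. tokenEndpoint starts and ends outside both hunks.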


@ -393,3 +393,27 @@ func (q *Queries) UpdateServiceSessionLastActive(ctx context.Context, id uuid.UU
_, err := q.db.Exec(ctx, updateServiceSessionLastActive, id) _, err := q.db.Exec(ctx, updateServiceSessionLastActive, id)
return err return err
} }
const updateServiceSessionTokens = `-- name: UpdateServiceSessionTokens :exec
UPDATE service_sessions
SET access_token_id = $2, refresh_token_id = $3, expires_at = $4
WHERE id = $1
AND is_active = TRUE
`
type UpdateServiceSessionTokensParams struct {
ID uuid.UUID `json:"id"`
AccessTokenID *uuid.UUID `json:"access_token_id"`
RefreshTokenID *uuid.UUID `json:"refresh_token_id"`
ExpiresAt *time.Time `json:"expires_at"`
}
func (q *Queries) UpdateServiceSessionTokens(ctx context.Context, arg UpdateServiceSessionTokensParams) error {
_, err := q.db.Exec(ctx, updateServiceSessionTokens,
arg.ID,
arg.AccessTokenID,
arg.RefreshTokenID,
arg.ExpiresAt,
)
return err
}


@ -46,6 +46,12 @@ SET last_active = NOW()
WHERE id = $1 WHERE id = $1
AND is_active = TRUE; AND is_active = TRUE;
-- name: UpdateServiceSessionTokens :exec
UPDATE service_sessions
SET access_token_id = $2, refresh_token_id = $3, expires_at = $4
WHERE id = $1
AND is_active = TRUE;
-- name: ListAllServiceSessions :many -- name: ListAllServiceSessions :many
SELECT * FROM service_sessions SELECT * FROM service_sessions
ORDER BY issued_at DESC ORDER BY issued_at DESC
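Review bot: The new `UpdateServiceSessionTokens` query matches only on `id` and `is_active`, so the rotation is not bound to the refresh token that was presented; two requests carrying the same refresh token can both pass the handler's lookup and each overwrite the session's token ids. Adding the old JTI as a condition, `AND refresh_token_id = $5` (presumably the column the lookup by refresh JTI reads), and declaring the query `:execrows` would let the caller treat zero affected rows as a failed rotation. With `:exec` the `is_active = TRUE` guard is silent as well: a session deactivated between the handler's check and this UPDATE changes no row and reports no error, so tokens are still issued for it.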