Diffstat (limited to 'src/api/auth/oauth.rs')
-rw-r--r-- | src/api/auth/oauth.rs | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/src/api/auth/oauth.rs b/src/api/auth/oauth.rs index 6d2f700..c159352 100644 --- a/src/api/auth/oauth.rs +++ b/src/api/auth/oauth.rs @@ -9,12 +9,13 @@ use subtle::ConstantTimeEq; use crate::api::auth::WithVerifiedFxaLogin; use crate::api::{Empty, EMPTY}; +use crate::crypto::SessionToken; use crate::db::DbConn; use crate::types::oauth::{Scope, ScopeSet}; use crate::{ api::{auth, serialize_dt}, auth::Authenticated, - crypto::{SecretBytes, SessionCredentials}, + crypto::SessionCredentials, types::{ HawkKey, OauthAccessToken, OauthAccessType, OauthAuthorization, OauthAuthorizationID, OauthRefreshToken, OauthToken, OauthTokenID, SessionID, UserID, @@ -278,7 +279,7 @@ pub(crate) struct TokenResp { refresh_token: Option<OauthToken>, // MISSING id_token #[serde(skip_serializing_if = "Option::is_none")] - session_token: Option<String>, + session_token: Option<SessionToken>, scope: ScopeSet, token_type: TokenType, expires_in: u32, @@ -391,18 +392,17 @@ async fn token_impl( let (refresh_token, session_token) = if access_type == Some(OauthAccessType::Offline) { let (session_token, session_id) = if scope.implies(&SESSION_SCOPE) { - let session_token = SecretBytes::generate(); - let session = SessionCredentials::derive(&session_token); - let session_id = SessionID(session.token_id.0); + let session_token = SessionToken::generate(); + let session = SessionCredentials::derive_from(&session_token); db.add_session( - session_id.clone(), + session.token_id.clone(), &user_id, HawkKey(session.req_hmac_key.0), true, None, ) .await?; - (Some(session_token.0), Some(SessionID(session.token_id.0))) + (Some(session_token), Some(session.token_id)) } else { (None, None) }; @@ -426,7 +426,7 @@ async fn token_impl( Ok(Json(TokenResp { access_token, refresh_token, - session_token: session_token.map(hex::encode), + session_token, scope: scope.remove(&SESSION_SCOPE), token_type: TokenType::Bearer, expires_in: ttl, |
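Review bot: The wire format of `session_token` in `TokenResp` now depends entirely on `SessionToken`'s `Serialize` impl, which is not part of this diff. The explicit `hex::encode` is removed in the last hunk (the `session_token,` line in `token_impl`), so nothing visible here pins the hex string clients received before. Assuming the hex form is meant to stay, a serialization test on `TokenResp` asserting it would catch a silent change. The field also deserves a comment such as `// bearer secret; wire format (hex) is defined by SessionToken's Serialize impl`. It is also worth confirming that `SessionToken` does not print its bytes through `Debug`, in case the response struct is ever logged.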
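Review bot: `HawkKey(session.req_hmac_key.0)` in the `db.add_session` call still moves raw key bytes between newtypes by hand, while the same hunk removes that pattern for the session id (`session.token_id` is now passed as-is). Giving `req_hmac_key` the `HawkKey` type directly, or a dedicated conversion, would finish the cleanup and keep key material inside typed wrappers. Until then a short comment like `// req_hmac_key is the HAWK request key stored for this session` would explain the rewrap. `token_impl` starts and ends outside the hunk, so other uses of `session` are not visible here.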