src/oauth/db/dpop.rs at 4a767dea59b22b830f20e0fbe6f3e45d2aebd0be · lewis.moe/bspds-sandbox

lewis.moe / bspds-sandbox

this repo has no description

bspds-sandbox / src / oauth / db / dpop.rs

at 4a767dea59b22b830f20e0fbe6f3e45d2aebd0be 761 B view raw

 1use sqlx::PgPool;
 2
 3use super::super::OAuthError;
 4
 5pub async fn check_and_record_dpop_jti(
 6    pool: &PgPool,
 7    jti: &str,
 8) -> Result<bool, OAuthError> {
 9    let result = sqlx::query!(
10        r#"
11        INSERT INTO oauth_dpop_jti (jti)
12        VALUES ($1)
13        ON CONFLICT (jti) DO NOTHING
14        "#,
15        jti
16    )
17    .execute(pool)
18    .await?;
19
20    Ok(result.rows_affected() > 0)
21}
22
23pub async fn cleanup_expired_dpop_jtis(
24    pool: &PgPool,
25    max_age_secs: i64,
26) -> Result<u64, OAuthError> {
27    let result = sqlx::query!(
28        r#"
29        DELETE FROM oauth_dpop_jti
30        WHERE created_at < NOW() - INTERVAL '1 second' * $1
31        "#,
32        max_age_secs as f64
33    )
34    .execute(pool)
35    .await?;
36
37    Ok(result.rows_affected())
38}