src/oauth/db/dpop.rs at 6f959c6c1b6e9ee99e7f6e49c3fc78a4affe0491 · lewis.moe/bspds-sandbox

lewis.moe / bspds-sandbox

this repo has no description

bspds-sandbox / src / oauth / db / dpop.rs

at 6f959c6c1b6e9ee99e7f6e49c3fc78a4affe0491 756 B view raw

 1use sqlx::PgPool;
 2use super::super::OAuthError;
 3pub async fn check_and_record_dpop_jti(
 4    pool: &PgPool,
 5    jti: &str,
 6) -> Result<bool, OAuthError> {
 7    let result = sqlx::query!(
 8        r#"
 9        INSERT INTO oauth_dpop_jti (jti)
10        VALUES ($1)
11        ON CONFLICT (jti) DO NOTHING
12        "#,
13        jti
14    )
15    .execute(pool)
16    .await?;
17    Ok(result.rows_affected() > 0)
18}
19pub async fn cleanup_expired_dpop_jtis(
20    pool: &PgPool,
21    max_age_secs: i64,
22) -> Result<u64, OAuthError> {
23    let result = sqlx::query!(
24        r#"
25        DELETE FROM oauth_dpop_jti
26        WHERE created_at < NOW() - INTERVAL '1 second' * $1
27        "#,
28        max_age_secs as f64
29    )
30    .execute(pool)
31    .await?;
32    Ok(result.rows_affected())
33}