%OAuth2.Server.AbstractSession
abstract class %OAuth2.Server.AbstractSession
This class defines the interface for the OAuth2 Server session maintenance class. If SupportSession is true in OAuth2.Server.Configuration then this class is used to track the user's session. The default session maintenance class is OAuth2.Server.Session. The behavior can be customized by creating a subclasss of this class.Method Inventory
Methods
abstract classmethod DeleteAll() as %Status
This method deletes all current sessions.
abstract classmethod GetUser(Output scope As %String, Output authTime As %Integer, Output sc As %Status, authCode As %String = "") as %String
This method returns the name of the user currently logged into this session.
If no session exists, then "" is returned.
The set of scopes associated with this session are returned in the scope parameter.
The time the session was created is returned in the authTime parameter.
The sc parameter contains the error code (or $$$OK if no error occurred).
authCode contains the Authorization Code from the associated Access Token. This can be used to associate the Access Token with the session.
The set of scopes associated with this session are returned in the scope parameter.
The time the session was created is returned in the authTime parameter.
The sc parameter contains the error code (or $$$OK if no error occurred).
authCode contains the Authorization Code from the associated Access Token. This can be used to associate the Access Token with the session.
abstract classmethod Login(username As %String, scope As %String, interval As %Integer, Output authTime As %Integer, authCode As %String = "") as %Status
This method creates a new session for the user named by username.
The scope argument specifies a blank separated list of scopes for which the user is authorized.
The interval argument is seconds until expiration for the session.
If interval=0, then the session will not expire.
authTime indicates the time at which the session was created. This should be specified as the number of seconds since the start of the UNIX epoch. This can be computed using
authCode contains the Authorization Code from the associated Access Token. This can be used to
associate the Access Token with the session.
The scope argument specifies a blank separated list of scopes for which the user is authorized.
The interval argument is seconds until expiration for the session.
If interval=0, then the session will not expire.
authTime indicates the time at which the session was created. This should be specified as the number of seconds since the start of the UNIX epoch. This can be computed using
Set authTime = ##class(%OAuth2.Utils).TimeInSeconds($ztimestamp,0)
abstract classmethod Logout() as %Status
The Logout method terminates the current session.
This may be called when there is no current session.
This method updates the current session with the provided values.
scope is a blank separated list of scope values to associate with the session.
If the interval argument is specified the session interval should be updated.
The interval argument is seconds until expiration for the session. If interval=0, then the session will not expire.
scope is a blank separated list of scope values to associate with the session.
If the interval argument is specified the session interval should be updated.
The interval argument is seconds until expiration for the session. If interval=0, then the session will not expire.
classmethod UpdateTokenGroup(authCode As %String, groupId As %String, force As %Boolean = 0) as %Status
This method will update the OAuth2.Server.AccessToken identified by authcode with the given groupId.
This can be used to associate the Access Token with the user's session. The Access Token will not be updated
if it already is associated with a GroupId, unless force is true.
Note that any subclass of this class MUST use the OAuth2.Server.AccessToken GroupId property
to associate tokens with sessions. All tokens that have the same GroupId are part of the same session.