MCPcopy
hub / github.com/ory/hydra / FlushInactiveLoginConsentRequests

Method FlushInactiveLoginConsentRequests

persistence/sql/persister_consent.go:531–583  ·  view source on GitHub ↗
(ctx context.Context, notAfter time.Time, limit, batchSize int)

Source from the content-addressed store, hash-verified

529}
530
531func (p *Persister) FlushInactiveLoginConsentRequests(ctx context.Context, notAfter time.Time, limit, batchSize int) (err error) {
532 ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.FlushInactiveLoginConsentRequests")
533 defer otelx.End(span, &err)
534
535 // The value of notAfter should be the minimum between input parameter and request max expire based on its configured age
536 requestMaxExpire := time.Now().Add(-p.r.Config().ConsentRequestMaxAge(ctx))
537 if requestMaxExpire.Before(notAfter) {
538 notAfter = requestMaxExpire
539 }
540
541 challenges := make([]string, 0, limit)
542 // Select up to [limit] flows that can be safely deleted, i.e. flows that meet
543 // the following criteria:
544 // - flow.state is anything between FlowStateLoginInitialized and FlowStateConsentUnused (unhandled)
545 // - flow.login_error has valid error (login rejected)
546 // - flow.consent_error has valid error (consent rejected)
547 // AND timed-out
548 // - flow.requested_at < minimum of ttl.login_consent_request and notAfter
549 q := p.Connection(ctx).RawQuery(`
550 SELECT login_challenge
551 FROM hydra_oauth2_flow
552 WHERE (
553 (state != ? AND state IS NOT NULL)
554 OR (login_error IS NOT NULL AND login_error <> '{}' AND login_error <> '')
555 OR (consent_error IS NOT NULL AND consent_error <> '{}' AND consent_error <> '')
556 )
557 AND requested_at < ?
558 AND nid = ?
559 ORDER BY login_challenge
560 LIMIT ?`,
561 flow.FlowStateConsentUsed, notAfter, p.NetworkID(ctx), limit)
562
563 if err := q.All(&challenges); err != nil {
564 return errors.WithStack(err)
565 }
566
567 // Delete in batch consent requests and their references in cascade
568 for i := 0; i < len(challenges); i += batchSize {
569 j := min(i+batchSize, len(challenges))
570
571 q := p.Connection(ctx).RawQuery(
572 "DELETE FROM hydra_oauth2_flow WHERE login_challenge in (?) AND nid = ?",
573 challenges[i:j],
574 p.NetworkID(ctx),
575 )
576
577 if err := q.Exec(); err != nil {
578 return sqlcon.HandleError(err)
579 }
580 }
581
582 return nil
583}
584
585func (p *Persister) mySQLConfirmLoginSession(ctx context.Context, session *flow.LoginSession) error {
586 return p.Transaction(ctx, func(ctx context.Context, c *pop.Connection) error {

Callers

nothing calls this directly

Implementers 1

BasePersisterpersistence/sql/persister.go

Calls 9

ConnectionMethod · 0.95
ConsentRequestMaxAgeMethod · 0.80
AllMethod · 0.80
TracerMethod · 0.65
AddMethod · 0.65
NowMethod · 0.65
ConfigMethod · 0.65
NetworkIDMethod · 0.65
ExecMethod · 0.65

Tested by

no test coverage detected