(in-memory-state-manager)
(in-memory-state-manager request-timeout-seconds)
(in-memory-state-manager request-timeout-seconds initial-state)
A simple in-memory state manager, suitable for a single instance. Requests IDs are considered valid for a minimum of
request-timeout-seconds
.
A simple in-memory state manager, suitable for a single instance. Requests IDs are considered valid for a minimum of `request-timeout-seconds`.
Protocol for managing state for recording which requests are in flight, so we can determine whether responses correspond to valid requests. This library ships with a simple in-memory implementation, but this interface is provided so that you can provide your own implementation if you need to do something more sophisticated (such as synchronizing across multiple instances).
Protocol for managing state for recording which requests are in flight, so we can determine whether responses correspond to valid requests. This library ships with a simple in-memory implementation, but this interface is provided so that you can provide your own implementation if you need to do something more sophisticated (such as synchronizing across multiple instances).
(accept-response! this request-id)
Called whenever a new response from IdP is received. The state manager should verify that request-id
was
actually issued by us (e.g., one we've seen earlier when record-request!
), and (hopefully) that it is not too old;
if the response is not acceptable, it must throw an Exception. The state manager should remove the request from its
state a response with the same ID cannot be used again (e.g. to prevent replay attacks).
Called whenever a new response from IdP is received. The state manager should verify that `request-id` was actually issued by us (e.g., one we've seen earlier when `record-request!`), and (hopefully) that it is not too old; if the response is not acceptable, it must throw an Exception. The state manager should remove the request from its state a response with the same ID cannot be used again (e.g. to prevent replay attacks).
(record-request! this request-id)
Called whenever a new request to the IdP goes out. The state manager should record request-id
(and probably the
current timestamp as well) so it can be used for validating responses.
Called whenever a new request to the IdP goes out. The state manager should record `request-id` (and probably the current timestamp as well) so it can be used for validating responses.
cljdoc is a website building & hosting documentation for Clojure/Script libraries
× close