Created
August 27, 2018 13:25
@startuml
start
note right
  * **RT** refers to the refresh token in the request
  * **RT_new** refers to the new refresh token
  * **AT** refers to the Access Token that was created
    at the same time as RT
  * **AT_new** refers to the access token under creation
  * **AT_refreshed** refers to an access token that might
    already have been created from RT (but RT is still in
    its grace period and therefore still valid)
end note
#aafe00:**POST (grant_type=refresh_token)**;
#ff5555:token validation;
note right
  * The RT **instance** is stored
    in the request object
  * The RT **code** is stored
    in the request object
end note
:new token generation (in memory);
partition Saving {
  :get RT code;
  :get RT instance from the cache in *request*;
  if (token reuse) then (yes)
    :db lock AT instance;
    :update the AT db record in place with
    the new token code/expiration;
  else (no)
    :revoke the refresh token;
    if (AT_refreshed exists) then (yes)
      :return access token linked to the brand new refresh token;
      note left
        leave db untouched
      end note
    else (no)
      #ff5555:create (db) AT_new with //source_refresh_token//
      pointing to RT;
      note right
        Through //source_refresh_token// we say AT_new
        was created from RT
      end note
      :create (db) RT_new pointing to AT_new;
    endif
  endif
}
stop
@enduml
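
The Saving partition above as runnable Python, showing that an RT replayed inside its grace period gets the already-issued AT_refreshed/RT_new pair back instead of minting a second pair. This is an added example, not part of the original gist: the class names, the `db` dict standing in for the database, the 120-second grace period and the 3600-second lifetime are all assumptions.

```python
import secrets
from dataclasses import dataclass
from typing import Optional

GRACE, TTL = 120, 3600  # assumed grace period and access token lifetime, in seconds

@dataclass(eq=False)
class AccessToken:
    code: str
    expires: float
    source_refresh_token: Optional["RefreshToken"] = None

@dataclass(eq=False)
class RefreshToken:
    code: str
    access_token: AccessToken
    revoked_at: Optional[float] = None

def is_valid(rt, now):
    """Token validation: unrevoked, or revoked but still inside the grace period."""
    return rt.revoked_at is None or now - rt.revoked_at <= GRACE

def save(db, rt, reuse, now):
    """Saving partition; db holds 'at' and 'rt' lists standing in for tables (assumed)."""
    if not is_valid(rt, now):
        raise PermissionError("invalid_grant")
    new_code = secrets.token_urlsafe(16)           # new token generation (in memory)
    if reuse:                                      # token reuse: RT is kept
        at = rt.access_token                       # a real store would lock this row
        at.code, at.expires = new_code, now + TTL  # update the AT record in place
        return at, rt
    if rt.revoked_at is None:                      # assumption: keep the first revocation
        rt.revoked_at = now                        # time so the grace window does not slide
    at_refreshed = next((a for a in db["at"] if a.source_refresh_token is rt), None)
    if at_refreshed is not None:                   # RT already refreshed: leave db untouched
        rt_new = next(r for r in db["rt"] if r.access_token is at_refreshed)
        return at_refreshed, rt_new
    at_new = AccessToken(new_code, now + TTL, source_refresh_token=rt)
    rt_new = RefreshToken(secrets.token_urlsafe(16), at_new)
    db["at"].append(at_new)
    db["rt"].append(rt_new)
    return at_new, rt_new

def demo():
    """Constructed scenario: the same RT is presented twice inside the grace period."""
    rt0 = RefreshToken("rt0", AccessToken("at0", TTL))
    db = {"at": [rt0.access_token], "rt": [rt0]}
    first = save(db, rt0, reuse=False, now=0)
    second = save(db, rt0, reuse=False, now=60)    # retried or concurrent refresh
    return first, second, len(db["at"])
```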