Completed EFCore Token Store

Author: mckaragoz

UltimateAuth.slnx

@@ -26,6 +26,7 @@
   <Project Path="src/credentials/CodeBeam.UltimateAuth.Credentials.InMemory/CodeBeam.UltimateAuth.Credentials.InMemory.csproj" Id="62ee7b1d-46ce-4f2e-985d-1e794f891b8b" />
   <Project Path="src/credentials/CodeBeam.UltimateAuth.Credentials.Reference/CodeBeam.UltimateAuth.Credentials.Reference.csproj" Id="ca03a140-f3dc-4a21-9b7d-895a3b10808b" />
   <Project Path="src/credentials/CodeBeam.UltimateAuth.Credentials/CodeBeam.UltimateAuth.Credentials.csproj" Id="2281c3b5-1d60-4542-a673-553f96eed25b" />
+  <Project Path="src/persistence/CodeBeam.UltimateAuth.EntityFrameworkCore.Abstractions/CodeBeam.UltimateAuth.EntityFrameworkCore.Abstractions.csproj" Id="8867767d-bd1b-4d51-ac3f-0979038165c9" />
   <Project Path="src/policies/CodeBeam.UltimateAuth.Policies/CodeBeam.UltimateAuth.Policies.csproj" Id="b37c337f-2446-4f54-8684-b72fa83ac444" />
   <Project Path="src/security/CodeBeam.UltimateAuth.Security.Argon2/CodeBeam.UltimateAuth.Security.Argon2.csproj" Id="6abfb7a6-ea36-42db-a843-38054dd40fd8" />
   <Project Path="src/sessions/CodeBeam.UltimateAuth.Sessions.EntityFrameworkCore/CodeBeam.UltimateAuth.Sessions.EntityFrameworkCore.csproj" Id="5b9a090d-1689-4a81-9dfa-3ba69f0bda38" />

src/CodeBeam.UltimateAuth.Core/Abstractions/Stores/IRefreshTokenStore.cs

@@ -1,23 +1,22 @@
 using CodeBeam.UltimateAuth.Core.Domain;
-using CodeBeam.UltimateAuth.Core.MultiTenancy;
 
 namespace CodeBeam.UltimateAuth.Core.Abstractions;
 
-/// <summary>
-/// Low-level persistence abstraction for refresh tokens.
-/// NO validation logic. NO business rules.
-/// </summary>
 public interface IRefreshTokenStore
 {
-    Task StoreAsync(TenantKey tenant, StoredRefreshToken token, CancellationToken ct = default);
+    Task ExecuteAsync(Func<CancellationToken, Task> action, CancellationToken ct = default);
 
-    Task<StoredRefreshToken?> FindByHashAsync(TenantKey tenant, string tokenHash, CancellationToken ct = default);
+    Task<TResult> ExecuteAsync<TResult>(Func<CancellationToken, Task<TResult>> action, CancellationToken ct = default);
 
-    Task RevokeAsync(TenantKey tenant, string tokenHash, DateTimeOffset revokedAt, string? replacedByTokenHash = null, CancellationToken ct = default);
+    Task StoreAsync(RefreshToken token, CancellationToken ct = default);
 
-    Task RevokeBySessionAsync(TenantKey tenant, AuthSessionId sessionId, DateTimeOffset revokedAt, CancellationToken ct = default);
+    Task<RefreshToken?> FindByHashAsync(string tokenHash, CancellationToken ct = default);
 
-    Task RevokeByChainAsync(TenantKey tenant, SessionChainId chainId, DateTimeOffset revokedAt, CancellationToken ct = default);
+    Task RevokeAsync(string tokenHash, DateTimeOffset revokedAt, string? replacedByTokenHash = null, CancellationToken ct = default);
 
-    Task RevokeAllForUserAsync(TenantKey tenant, UserKey userKey, DateTimeOffset revokedAt, CancellationToken ct = default);
+    Task RevokeBySessionAsync(AuthSessionId sessionId, DateTimeOffset revokedAt, CancellationToken ct = default);
+
+    Task RevokeByChainAsync(SessionChainId chainId, DateTimeOffset revokedAt, CancellationToken ct = default);
+
+    Task RevokeAllForUserAsync(UserKey userKey, DateTimeOffset revokedAt, CancellationToken ct = default);
 }

src/CodeBeam.UltimateAuth.Core/Abstractions/Stores/IRefreshTokenStoreFactory.cs

@@ -0,0 +1,8 @@
+using CodeBeam.UltimateAuth.Core.MultiTenancy;
+
+namespace CodeBeam.UltimateAuth.Core.Abstractions;
+
+public interface IRefreshTokenStoreFactory
+{
+    IRefreshTokenStore Create(TenantKey tenant);
+}

src/CodeBeam.UltimateAuth.Core/AssemblyVisibility.cs

@@ -2,4 +2,5 @@
 
 [assembly: InternalsVisibleTo("CodeBeam.UltimateAuth.Server")]
 [assembly: InternalsVisibleTo("CodeBeam.UltimateAuth.Sessions.EntityFrameworkCore")]
+[assembly: InternalsVisibleTo("CodeBeam.UltimateAuth.Tokens.EntityFrameworkCore")]
 [assembly: InternalsVisibleTo("CodeBeam.UltimateAuth.Tests.Unit")]

src/CodeBeam.UltimateAuth.Core/Contracts/Login/LoginResult.cs

@@ -7,7 +7,7 @@ public sealed record LoginResult
     public LoginStatus Status { get; init; }
     public AuthSessionId? SessionId { get; init; }
     public AccessToken? AccessToken { get; init; }
-    public RefreshToken? RefreshToken { get; init; }
+    public RefreshTokenInfo? RefreshToken { get; init; }
     public LoginContinuation? Continuation { get; init; }
     public AuthFailureReason? FailureReason { get; init; }
     public DateTimeOffset? LockoutUntilUtc { get; init; }

src/CodeBeam.UltimateAuth.Core/Contracts/Refresh/RefreshFlowResult.cs

@@ -9,7 +9,7 @@ public sealed class RefreshFlowResult
 
     public AuthSessionId? SessionId { get; init; }
     public AccessToken? AccessToken { get; init; }
-    public RefreshToken? RefreshToken { get; init; }
+    public RefreshTokenInfo? RefreshToken { get; init; }
 
     public static RefreshFlowResult ReauthRequired()
     {
@@ -24,7 +24,7 @@ public static RefreshFlowResult Success(
         RefreshOutcome outcome,
         AuthSessionId? sessionId = null,
         AccessToken? accessToken = null,
-        RefreshToken? refreshToken = null)
+        RefreshTokenInfo? refreshToken = null)
     {
         return new RefreshFlowResult
         {

src/CodeBeam.UltimateAuth.Core/Contracts/Token/AuthTokens.cs

@@ -12,5 +12,5 @@ public sealed record AuthTokens
     /// </summary>
     public AccessToken AccessToken { get; init; } = default!;
 
-    public RefreshToken? RefreshToken { get; init; }
+    public RefreshTokenInfo? RefreshToken { get; init; }
 }

…uth.Core/Contracts/Token/RefreshToken.cs …Core/Contracts/Token/RefreshTokenInfo.cssrc/CodeBeam.UltimateAuth.Core/Contracts/Token/RefreshToken.cs renamed to src/CodeBeam.UltimateAuth.Core/Contracts/Token/RefreshTokenInfo.cs src/CodeBeam.UltimateAuth.Core/Contracts/Token/RefreshToken.cs renamed to src/CodeBeam.UltimateAuth.Core/Contracts/Token/RefreshTokenInfo.cs

@@ -3,7 +3,7 @@
 /// <summary>
 /// Transport model for refresh token. Returned to client once upon creation.
 /// </summary>
-public sealed class RefreshToken
+public sealed class RefreshTokenInfo
 {
     /// <summary>
     /// Plain refresh token value (returned to client once).

src/CodeBeam.UltimateAuth.Core/Contracts/Token/RefreshTokenRotationResult.cs

@@ -10,15 +10,15 @@ public sealed record RefreshTokenRotationResult
 
     public AuthSessionId? SessionId { get; init; }
     public AccessToken? AccessToken { get; init; }
-    public RefreshToken? RefreshToken { get; init; }
+    public RefreshTokenInfo? RefreshToken { get; init; }
 
     private RefreshTokenRotationResult() { }
 
     public static RefreshTokenRotationResult Failed() => new() { IsSuccess = false, ReauthRequired = true };
 
     public static RefreshTokenRotationResult Success(
         AccessToken accessToken,
-        RefreshToken refreshToken)
+        RefreshTokenInfo refreshToken)
         => new()
         {
             IsSuccess = true,

src/CodeBeam.UltimateAuth.Core/Domain/Device/DeviceContext.cs

@@ -38,11 +38,11 @@ public static DeviceContext Anonymous()
 
     public static DeviceContext Create(
         DeviceId deviceId,
-        string? deviceType,
-        string? platform,
-        string? operatingSystem,
-        string? browser,
-        string? ipAddress)
+        string? deviceType = null,
+        string? platform = null,
+        string? operatingSystem = null,
+        string? browser = null,
+        string? ipAddress = null)
     {
         return new DeviceContext(
             deviceId,