/** * Store a new session, and returns a access & refresh token pair * * @param {import("@compas/stdlib").InsightEvent} event * @param {import("postgres").Sql<{}>} sql * @param {SessionStoreSettings} sessionSettings * @param {any} sessionData * @returns {Promise>} */ export function sessionStoreCreate(event: import("@compas/stdlib").InsightEvent, sql: import("postgres").Sql<{}>, sessionSettings: SessionStoreSettings, sessionData: any): Promise>; /** * Get a session from the provided access token string * * @param {import("@compas/stdlib").InsightEvent} event * @param {import("postgres").Sql<{}>} sql * @param {SessionStoreSettings} sessionSettings * @param {string} [accessTokenString] * @returns {Promise>} */ export function sessionStoreGet(event: import("@compas/stdlib").InsightEvent, sql: import("postgres").Sql<{}>, sessionSettings: SessionStoreSettings, accessTokenString?: string): Promise>; /** * Update the session. Expects `session.id`, `session.hash` and `session.data` to exist. * If the hash of the data is the same as `hash`, this function call is ignored. * * @param {import("@compas/stdlib").InsightEvent} event * @param {import("postgres").Sql<{}>} sql * @param {import("./generated/common/types.d.ts").QueryResultStoreSessionStore} session * @returns {Promise>} */ export function sessionStoreUpdate(event: import("@compas/stdlib").InsightEvent, sql: import("postgres").Sql<{}>, session: import("./generated/common/types.d.ts").QueryResultStoreSessionStore): Promise>; /** * Revoke all tokens related to the session * * @param {import("@compas/stdlib").InsightEvent} event * @param {import("postgres").Sql<{}>} sql * @param {import("./generated/common/types.d.ts").QueryResultStoreSessionStore} session * @returns {Promise>} */ export function sessionStoreInvalidate(event: import("@compas/stdlib").InsightEvent, sql: import("postgres").Sql<{}>, session: import("./generated/common/types.d.ts").QueryResultStoreSessionStore): Promise>; /** * Get a new token pair. * - Revokes the old pair. * - Allows for a grace period on the refresh token * - If a refresh token is reused outside the of the grace period, all tokens are revoked * and an `compas.store.sessionHijackDetected` event is created. * * @param {import("@compas/stdlib").InsightEvent} event * @param {import("postgres").Sql<{}>} sql * @param {SessionStoreSettings} sessionSettings * @param {string} [refreshTokenString] * @returns {Promise>} */ export function sessionStoreRefreshTokens(event: import("@compas/stdlib").InsightEvent, sql: import("postgres").Sql<{}>, sessionSettings: SessionStoreSettings, refreshTokenString?: string): Promise>; /** * Cleanup tokens that are expired / revoked longer than 'maxRevokedAgeInDays' days ago. * Also removes the session if no tokens exist anymore. * Note that when tokens are removed, Compas can't detect refresh token reuse, which * hints on session stealing. A good default may be 45 days. * * @param {import("@compas/stdlib").InsightEvent} event * @param {import("postgres").Sql<{}>} sql * @param {number} maxRevokedAgeInDays * @param {number} [maxSessionLifetimeInDays] * @returns {Promise} */ export function sessionStoreCleanupExpiredSessions(event: import("@compas/stdlib").InsightEvent, sql: import("postgres").Sql<{}>, maxRevokedAgeInDays: number, maxSessionLifetimeInDays?: number): Promise; /** * Format and report a potential leaked session. * Revoking all tokens of that session in the process. * Reports it via `compas.sessionStore.potentialLeakedSession` job. * Note that there may be some overlap in tokens, since we allow a grace period in which * another refresh token can be acquired. So if the client has some kind of race * condition, the backend doesn't trip over it. * * @param {import("@compas/stdlib").InsightEvent} event * @param {import("postgres").Sql<{}>} sql * @param {string} sessionId * @returns {Promise} */ export function sessionStoreReportAndRevokeLeakedSession(event: import("@compas/stdlib").InsightEvent, sql: import("postgres").Sql<{}>, sessionId: string): Promise; /** * Create a new token pair for the provided session * * @param {import("@compas/stdlib").InsightEvent} event * @param {import("postgres").Sql<{}>} sql * @param {SessionStoreSettings} sessionSettings * @param {import("./generated/common/types.d.ts").QueryResultStoreSessionStore} session * @returns {Promise>} */ export function sessionStoreCreateTokenPair(event: import("@compas/stdlib").InsightEvent, sql: import("postgres").Sql<{}>, sessionSettings: SessionStoreSettings, session: import("./generated/common/types.d.ts").QueryResultStoreSessionStore): Promise>; /** * Create and sign a nwe JWT token * * @param {import("@compas/stdlib").InsightEvent} event * @param {SessionStoreSettings} sessionSettings * @param {"compasSessionAccessToken"|"compasSessionRefreshToken"} type * @param {string} value * @param {Date} expiresAt * @returns {Promise>} */ export function sessionStoreCreateJWT(event: import("@compas/stdlib").InsightEvent, sessionSettings: SessionStoreSettings, type: "compasSessionAccessToken" | "compasSessionRefreshToken", value: string, expiresAt: Date): Promise>; /** * Verify and decode a JWT token * * @param {import("@compas/stdlib").InsightEvent} event * @param {string} signingKey * @param {string} [tokenString] * @returns {Promise>} */ export function sessionStoreVerifyAndDecodeJWT(event: import("@compas/stdlib").InsightEvent, signingKey: string, tokenString?: string): Promise>; /** * Resolve token lifetimes for the provided session. * * @param {import("postgres").Sql<{}>} sql * @param {import("./generated/common/types.d.ts").QueryResultStoreSessionStore} session * @param {SessionStoreSettings} settings * @returns {Promise<{ * accessTokenMaxAgeInSeconds: number, * refreshTokenMaxAgeInSeconds: number * }>} */ export function sessionStoreResolveTokenMaxAge(sql: import("postgres").Sql<{}>, session: import("./generated/common/types.d.ts").QueryResultStoreSessionStore, settings: SessionStoreSettings): Promise<{ accessTokenMaxAgeInSeconds: number; refreshTokenMaxAgeInSeconds: number; }>; /** * @type {string} */ export const SESSION_STORE_POTENTIAL_LEAKED_SESSION_JOB_NAME: string; export type Either = import("@compas/stdlib").Either; /** * Session store settings. Either the `tokenMaxAgeResolver` is required or the resolved * fields. */ export type SessionStoreSettings = { tokenMaxAgeResolver?: ((sql: import("postgres").Sql<{}>, session: import("./generated/common/types.d.ts").QueryResultStoreSessionStore) => (Promise<{ accessTokenMaxAgeInSeconds: number; refreshTokenMaxAgeInSeconds: number; }> | { accessTokenMaxAgeInSeconds: number; refreshTokenMaxAgeInSeconds: number; })) | undefined; accessTokenMaxAgeInSeconds?: number | undefined; refreshTokenMaxAgeInSeconds?: number | undefined; signingKey: string; }; import { AppError } from "@compas/stdlib";