Class: AtprotoAuth::State::SessionManager

Inherits:

Object

• Object
• AtprotoAuth::State::SessionManager

Defined in:

lib/atproto_auth/state/session_manager.rb

Overview

Manages active OAuth sessions with secure persistent storage

Instance Method Summary

• #cleanup_expired ⇒ void

  Removes all expired sessions.

• #create_session(client_id:, scope:, auth_server: nil, did: nil) ⇒ Session

  Creates and stores a new session.

• #get_session(session_id) ⇒ Session^?

  Retrieves a session by ID.

• #get_session_by_state(state) ⇒ Session^?

  Finds a session by state token.

• #initialize ⇒ SessionManager constructor

  A new instance of SessionManager.

• #remove_session(session_id) ⇒ void

  Removes a session.

• #update_session(session) ⇒ Session

  Updates an existing session.

Constructor Details

#initialize ⇒ SessionManager

Returns a new instance of SessionManager.

# File 'lib/atproto_auth/state/session_manager.rb', line 7

def initialize
  @serializer = Serialization::Session.new
end

Instance Method Details

#cleanup_expired ⇒ void

This method returns an undefined value.

Removes all expired sessions

# File 'lib/atproto_auth/state/session_manager.rb', line 117

def cleanup_expired
  # No-op - expiry handled by storage TTL and retrieval validation
end

#create_session(client_id:, scope:, auth_server: nil, did: nil) ⇒ Session

Creates and stores a new session

Parameters:

• client_id (String) —

  OAuth client ID

• scope (String) —

  Requested scope

• auth_server (AuthorizationServer, nil) (defaults to: nil) —

  Optional pre-resolved auth server

• did (String, nil) (defaults to: nil) —

  Optional pre-resolved DID

Returns:

• (Session) —

  The created session

# File 'lib/atproto_auth/state/session_manager.rb', line 17

def create_session(client_id:, scope:, auth_server: nil, did: nil)
  session = Session.new(
    client_id: client_id,
    scope: scope,
    auth_server: auth_server,
    did: did
  )

  # Store both session and state mapping atomically
  session_key = Storage::KeyBuilder.session_key(session.session_id)
  state_key = Storage::KeyBuilder.state_key(session.state_token)

  AtprotoAuth.storage.with_lock(session_key, ttl: 30) do
    serialized = @serializer.serialize(session)
    AtprotoAuth.storage.set(session_key, serialized)
    AtprotoAuth.storage.set(state_key, session.session_id)
  end

  session
end

#get_session(session_id) ⇒ Session^?

Retrieves a session by ID

Parameters:

• session_id (String) —

  Session ID to look up

Returns:

• (Session, nil) —

  The session if found

# File 'lib/atproto_auth/state/session_manager.rb', line 58

def get_session(session_id)
  session_key = Storage::KeyBuilder.session_key(session_id)

  begin
    serialized = AtprotoAuth.storage.get(session_key)
    return nil unless serialized
  rescue StandardError => e
    AtprotoAuth.configuration.logger.error("Failed to get session: #{e.message}")
    return nil
  end

  begin
    session = @serializer.deserialize(serialized)
    return nil if !session.renewable? && session.tokens&.expired?

    session
  rescue StandardError => e
    AtprotoAuth.configuration.logger.error("Failed to deserialize session: #{e.message}")
    nil
  end
end

#get_session_by_state(state) ⇒ Session^?

Finds a session by state token

Parameters:

• state (String) —

  State token to look up

Returns:

• (Session, nil) —

  The session if found

# File 'lib/atproto_auth/state/session_manager.rb', line 83

def get_session_by_state(state)
  return nil unless state

  state_key = Storage::KeyBuilder.state_key(state)

  begin
    session_id = AtprotoAuth.storage.get(state_key)
    return nil unless session_id
  rescue StandardError => e
    AtprotoAuth.configuration.logger.error("Failed to get session by state: #{e.message}")
    return nil
  end

  get_session(session_id)
end

#remove_session(session_id) ⇒ void

This method returns an undefined value.

Removes a session

Parameters:

• session_id (String) —

  Session ID to remove

# File 'lib/atproto_auth/state/session_manager.rb', line 102

def remove_session(session_id)
  session = get_session(session_id)
  return unless session

  session_key = Storage::KeyBuilder.session_key(session_id)
  state_key = Storage::KeyBuilder.state_key(session.state_token)

  AtprotoAuth.storage.with_lock(session_key, ttl: 30) do
    AtprotoAuth.storage.delete(session_key)
    AtprotoAuth.storage.delete(state_key)
  end
end

#update_session(session) ⇒ Session

Updates an existing session

Returns:

• (Session) —

  The session to update

• (Session) —

  The updated session

# File 'lib/atproto_auth/state/session_manager.rb', line 41

def update_session(session)
  session_key = Storage::KeyBuilder.session_key(session.session_id)

  AtprotoAuth.storage.with_lock(session_key, ttl: 30) do
    serialized = @serializer.serialize(session)
    AtprotoAuth.storage.set(session_key, serialized)

    state_key = Storage::KeyBuilder.state_key(session.state_token)
    AtprotoAuth.storage.set(state_key, session.session_id)
  end

  session
end