Interfaces

Project

Facilities TokenStore Prius

NuGet packageOwin.Framework.Facilities.TokenStore.Prius
GitHub sourceOwinFramework.Facilities.TokenStore.Prius

Home |  Readme

An implementation of the ITokenStore facility that persists tokens using the Prius ORM

This package provides an implementation of the ITokenStore interface using the Prius ORM to store tokens in a relational database.

To make this implementation available to other packages that need this interface you just need to add the NuGet package to the project - that's it, there is nothing else to do.

Configuration

The configuration below is the configuration you will get by default if you do not provide a configuration for this package.

{
   "owinFramework": {
      "facility": {
         "tokenStore.prius": {
            "tokenTypes": null
         }
      }
   }
}

To make this token store useful you need to define some token types with the rules to apply to each type of token. Below is an example configuration that demonstrates the layout of the configuration data.

{
   "owinFramework": {
      "facility": {
         "tokenStore.prius": {
            "tokenTypes": [
               { 
                  "name": "PasswordReset", 
                  "rules": [
                     "type": "Expiry", "config": "{ \"expiryTime\": 7 }",
                     "type": "UseCount", "config": "{ \"maxUseCount\": 1 }"
                  ]
               }
            ]
         }
      }
   }
}

Token rules

All token types implement the rules in addition to any rules defined in the configuration:

  • Only tokens that have been created are valid. Checking a random token string will always result in a 'not valid' response.
  • Tokens are no longer valid after they have expired.
  • Tokens are only valid for the purpose, identity and token type they were created with.
  • If a token is created with no purpose then it is valid for any purpose.
  • If a token is created with no identity than it is valid for all identities.
  • It is not valid to create a token with a token type that is not configured.
  • The token itself and the token identity are case sensitive.
  • The token type and purpose are case insentitive.
  • When tokens are deleted they are deleted from the database and immediately become invalid.