OIDCAuthorizationStore

class gafaelfawr.storage.oidc.OIDCAuthorizationStore(storage)

Bases: object

Stores and retrieves OpenID Connect authorizations.

Parameters:

storage (EncryptedPydanticRedisStorage[OIDCAuthorization]) – Underlying storage for OIDCAuthorization.

Methods Summary

create(authorization)	Create a new OpenID Connect authorization.
delete(code)	Delete an OpenID Connect authorization.
delete_all()	Delete all stored OpenID Connect authorizations.
get(code)	Retrieve an OpenID Connect authorization.

Methods Documentation

async create(authorization)

Create a new OpenID Connect authorization.

Parameters:

authorization (OIDCAuthorization) – The authorization to create.

Return type:

None

async delete(code)

Delete an OpenID Connect authorization.

Parameters:

code (OIDCAuthorizationCode) – The authorization code.

Return type:

None

async delete_all()

Delete all stored OpenID Connect authorizations.

Return type:

None

async get(code)

Retrieve an OpenID Connect authorization.

Parameters:

code (OIDCAuthorizationCode) – The authorization code.

Returns:

The corresponding authorization, or None if no such authorization exists.

Return type:

OIDCAuthorization or None

Raises:

• safir.redis.DeserializeError – Raised if the authorization exists but cannot be deserialized.

• InvalidGrantError – Raised if the provided secret didn’t match the authorization code.