oauth/constants/constants.go at 64fa62eb6fa0bc4f0fe8c6038241e638759a280d · hailey.at/cocoon

hailey.at / cocoon

An atproto PDS written in Go

cocoon / oauth / constants / constants.go

at 64fa62eb6fa0bc4f0fe8c6038241e638759a280d 1.3 kB view raw

 1package constants
 2
 3import "time"
 4
 5const (
 6	MaxDpopAge         = 10 * time.Second
 7	DpopCheckTolerance = 5 * time.Second
 8
 9	NonceSecretByteLength = 32
10
11	NonceMaxRotationInterval = DpopNonceMaxAge / 3
12	NonceMinRotationInterval = 1 * time.Second
13
14	JTICacheSize = 100_000
15	JTITtl       = 24 * time.Hour
16
17	ClientAssertionTypeJwtBearer = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
18	ParExpiresIn                 = 5 * time.Minute
19
20	ClientAssertionMaxAge = 1 * time.Minute
21
22	DeviceIdPrefix      = "dev-"
23	DeviceIdBytesLength = 16
24
25	SessionIdPrefix      = "ses-"
26	SessionIdBytesLength = 16
27
28	RefreshTokenPrefix      = "ref-"
29	RefreshTokenBytesLength = 32
30
31	RequestIdPrefix      = "req-"
32	RequestIdBytesLength = 16
33	RequestUriPrefix     = "urn:ietf:params:oauth:request_uri:"
34
35	CodePrefix      = "cod-"
36	CodeBytesLength = 32
37
38	TokenIdPrefix      = "tok-"
39	TokenIdBytesLength = 16
40
41	TokenMaxAge = 60 * time.Minute
42
43	AuthorizationInactivityTimeout = 5 * time.Minute
44
45	DpopNonceMaxAge = 3 * time.Minute
46
47	ConfidentialClientSessionLifetime = 2 * 365 * 24 * time.Hour // 2 years
48	ConfidentialClientRefreshLifetime = 3 * 30 * 24 * time.Hour  // 3 months
49
50	PublicClientSessionLifetime = 2 * 7 * 24 * time.Hour // 2 weeks
51	PublicClientRefreshLifetime = PublicClientSessionLifetime
52)