Services IRefreshTokenStore
The Refresh Token Store is responsible for persisting a refresh token for a user so that other services can later retrieve it when needed.
Validity, expiration, and suitability of a refresh token are not evaluated by the store. Those concerns are the responsibility of the caller.
- Store a refresh token container for a user.
- Return the stored refresh token container for a user, if any.
- Clear the stored refresh token container for a user.
- ClearAsync: Clears the token from the token store.
- GetRefreshTokenAsync: Returns the refresh token stored in the token store if it is available.
- SetRefreshTokenAsync: Stores the given refresh token container in the token store.
Blazorade ID registers the Null Refresh Token Store as the default implementation. The default implementation does not store refresh tokens at all.
This default is intentional. It keeps refresh-token persistence opt-in so an application must explicitly choose a storage strategy and register a different implementation if it wants refresh tokens to be retained between operations.
The In-Memory Refresh Token Store keeps the refresh token container in process memory for the lifetime of the process.
Use cases include scenarios where refresh tokens should only live for the lifetime of the application process.
Depending on the chosen implementation, refresh tokens may be available across multiple sessions for the same user (for example, if stored in a durable store keyed by user identity) or only within the current process lifetime (as with the in-memory implementation).
- SetRefreshTokenAsync accepts a null value. An implementation may either store the null value as-is or treat it as a request to remove the stored token.
- Storage decisions are application-specific. If you implement a persistent store, consider encryption at rest, access controls, and operational handling (backup, rotation, and incident response) as part of your overall token-handling design.
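
The notes above, as an added example that is not Blazorade ID's own code: a file-backed store that encrypts the container at rest with ASP.NET Core Data Protection and treats a null value as a request to clear. The `TokenContainer` record, the class name, the per-user constructor and all method signatures are assumptions; only the three method names come from this page.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;
using System.Threading.Tasks;
using Microsoft.AspNetCore.DataProtection;

// Hypothetical stand-in for the refresh token container; the real Blazorade ID type may differ.
public sealed record TokenContainer(string Value, DateTimeOffset? Expires);

// Method names come from the page; parameters and return types are assumptions.
public sealed class ProtectedFileRefreshTokenStore
{
    private readonly IDataProtector protector;
    private readonly string path;

    public ProtectedFileRefreshTokenStore(IDataProtectionProvider provider, string directory, string userId)
    {
        // The sub-purpose binds ciphertext to this user: a blob copied into another user's file fails to unprotect.
        protector = provider.CreateProtector("RefreshTokenStore", userId);
        // Hash the user id so it can never influence the file path (no traversal).
        var name = Convert.ToHexString(SHA256.HashData(Encoding.UTF8.GetBytes(userId)));
        path = Path.Combine(Directory.CreateDirectory(directory).FullName, name + ".rt");
    }

    public Task SetRefreshTokenAsync(TokenContainer? token)
    {
        // A null value is treated here as a request to remove the stored token.
        if (token is null) return ClearAsync();
        return File.WriteAllTextAsync(path, protector.Protect(JsonSerializer.Serialize(token)));
    }

    public async Task<TokenContainer?> GetRefreshTokenAsync()
    {
        if (!File.Exists(path)) return null;
        try
        {
            // Expiry and validity are not checked here; that stays with the caller.
            var json = protector.Unprotect(await File.ReadAllTextAsync(path));
            return JsonSerializer.Deserialize<TokenContainer>(json);
        }
        catch (CryptographicException)
        {
            // Tampered file or retired key: discard it and report "no token".
            await ClearAsync();
            return null;
        }
    }

    public Task ClearAsync() { File.Delete(path); return Task.CompletedTask; }
}
```

The Data Protection key ring needs its own persistent, access-controlled storage, and the token directory still needs restrictive file permissions; encryption here does not replace either.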