@@ -194,6 +194,74 @@ func (p *Persister) HandleConsentRequest(ctx context.Context, challenge string,
194194 return p .GetConsentRequest (ctx , challenge )
195195}
196196
197+ func (p * Persister ) ExtendConsentRequest (ctx context.Context , scopeStrategy fosite.ScopeStrategy , cr * consent.ConsentRequest , extendBy int ) error {
198+ return p .transaction (ctx , func (ctx context.Context , c * pop.Connection ) error {
199+ tn := consent.HandledConsentRequest {}.TableName ()
200+
201+ var sessionHcr consent.HandledConsentRequest
202+ if err := c .
203+ Where (fmt .Sprintf ("r.subject = ? AND r.client_id = ? AND r.login_session_id = ? AND r.skip=FALSE AND (%s.error='{}' AND %s.remember=TRUE)" , tn , tn ), cr .Subject , cr .ClientID , cr .LoginSessionID .String ()).
204+ Join ("hydra_oauth2_consent_request AS r" , fmt .Sprintf ("%s.challenge = r.challenge" , tn )).
205+ Order (fmt .Sprintf ("%s.requested_at DESC" , tn )).
206+ Limit (1 ).
207+ First (& sessionHcr ); err != nil {
208+ if errors .Is (err , sql .ErrNoRows ) {
209+ return errorsx .WithStack (consent .ErrNoPreviousConsentFound )
210+ }
211+ return sqlcon .HandleError (err )
212+ }
213+
214+ var latestHcr consent.HandledConsentRequest
215+ if err := c .
216+ Where (fmt .Sprintf ("r.subject = ? AND r.client_id = ? AND r.skip=FALSE AND (%s.error='{}' AND %s.remember=TRUE)" , tn , tn ), cr .Subject , cr .ClientID ).
217+ Join ("hydra_oauth2_consent_request AS r" , fmt .Sprintf ("%s.challenge = r.challenge" , tn )).
218+ Order (fmt .Sprintf ("%s.requested_at DESC" , tn )).
219+ Limit (1 ).
220+ First (& latestHcr ); err != nil {
221+ if errors .Is (err , sql .ErrNoRows ) {
222+ return errorsx .WithStack (consent .ErrNoPreviousConsentFound )
223+ }
224+ return sqlcon .HandleError (err )
225+ }
226+
227+ if err := p .extendHandledConsentRequest (ctx , cr , scopeStrategy , sessionHcr , extendBy ); err != nil {
228+ return err
229+ }
230+
231+ if latestHcr .ID != sessionHcr .ID {
232+ if err := p .extendHandledConsentRequest (ctx , cr , scopeStrategy , latestHcr , extendBy ); err != nil {
233+ return err
234+ }
235+ }
236+ return nil
237+ })
238+ }
239+
240+ func (p * Persister ) extendHandledConsentRequest (ctx context.Context , cr * consent.ConsentRequest , scopeStrategy fosite.ScopeStrategy , hcr consent.HandledConsentRequest , extendBy int ) error {
241+ for _ , scope := range cr .RequestedScope {
242+ if ! scopeStrategy (hcr .GrantedScope , scope ) {
243+ return nil
244+ }
245+ }
246+
247+ isConsentRequestExpired := hcr .RememberFor > 0 && hcr .RequestedAt .Add (time .Duration (hcr .RememberFor )* time .Second ).Before (time .Now ().UTC ())
248+ if isConsentRequestExpired {
249+ return nil
250+ }
251+
252+ remainingTime := hcr .RequestedAt .Unix () + int64 (hcr .RememberFor ) - time .Now ().Unix ()
253+ if remainingTime > 0 {
254+ hcr .RememberFor = hcr .RememberFor + extendBy - int (remainingTime )
255+ } else {
256+ hcr .RememberFor = hcr .RememberFor + extendBy
257+ }
258+
259+ if err := sqlcon .HandleError (p .Connection (ctx ).Update (& hcr )); err != nil {
260+ return err
261+ }
262+ return nil
263+ }
264+
197265func (p * Persister ) VerifyAndInvalidateConsentRequest (ctx context.Context , verifier string ) (* consent.HandledConsentRequest , error ) {
198266 var r consent.HandledConsentRequest
199267 return & r , p .transaction (ctx , func (ctx context.Context , c * pop.Connection ) error {
0 commit comments