OAuth2.Server.Sessionpersistent class OAuth2.Server.Session
The OAuth2.Server.Session class is the default SessionClass which is included with the server.
The default class will use httpOnly cookies to maintain the session.
The SessionClass is specified in the Authorization Server Configuration. The SessionClass must contain GetUser, Update, Login and Logout methods with signatures as specified in this class.
The time when the user was authenticated. property Cookie as %String(COLLATION="EXACT",MAXLEN=128) [ Required ];
Cookie that is used to track the session. property Expires as %Integer;
Expires is the time in seconds from beginning of the Unix epoch when the session expires. If Expires="", then session does not expire. property Scope as %String(MAXLEN=1024);
Scope is the blank separated list of scopes permitted for this user in this session. property Username as %String(COLLATION="EXACT");
User that is logged in by this session.
An overridable method to obtain the cookie. This allows easy change of the cookie format. classmethod GetUser(Output scope As %String, authTime As %Integer, Output sc As %Status) as %String
The GetUser method returns the name of the user currently logged into this session. If no session exists, then "" is returned. classmethod Login(username As %String, scope As %String, interval As %Integer, Output authTime As %Integer) as %Status
The Login method creates a new session for the user named by username. classmethod Logout()
The scope argument specifies a blank separated list of scopes that this user is authorized for. The interval argument is seconds until expiration for the session. If interval=0, then the session will not expire.
The Logout method terminates the current session. It is not considered an error to have no current session. classmethod MakeCookieValue() as %String
An overridable method to create a new cookie value. This allows easy change of the cookie format. classmethod SetCookie(value As %String, expires As %Integer)
Set the cookie. classmethod Update(scope As %String, interval As %Integer) as %Status
The Update method updates the existing current session. The blank separated list of scopes in the scope argument updates the scopes associated with the session. If the interval argument is specified the session interval is updated. The interval argument is seconds until expiration for the session. If interval=0, then the session will not expire.
The IDKEY for the session class.index (ExpiresIndex on Expires);
Order by timeindex (UserIndex on Username);
The session is indexed by the Username