A social pastebin built on atproto.
1-- Temporary state during the OAuth authorization flow.
2-- Each row represents an in-progress login attempt.
3-- Deleted after the callback completes (or on expiry).
4CREATE TABLE IF NOT EXISTS oauth_auth_request (
5 state TEXT NOT NULL PRIMARY KEY,
6 authserver_iss TEXT NOT NULL,
7 did TEXT,
8 handle TEXT,
9 pds_url TEXT,
10 pkce_verifier TEXT NOT NULL,
11 scope TEXT NOT NULL,
12 dpop_authserver_nonce TEXT NOT NULL,
13 dpop_private_jwk TEXT NOT NULL
14);
15
16-- Active authenticated sessions.
17-- One row per logged-in user. Tokens are refreshed in place.
18CREATE TABLE IF NOT EXISTS oauth_session (
19 did TEXT NOT NULL PRIMARY KEY,
20 handle TEXT,
21 pds_url TEXT NOT NULL,
22 authserver_iss TEXT NOT NULL,
23 access_token TEXT,
24 refresh_token TEXT,
25 dpop_authserver_nonce TEXT NOT NULL,
26 dpop_pds_nonce TEXT,
27 dpop_private_jwk TEXT NOT NULL
28);