Documentation for OIDC refresh hooks (#2768)

2022-06-19 11:57:22 +02:00 · 2022-06-19 11:57:22 +02:00 · 5ee334dbf3
parent d3cb90a1cd
commit 5ee334dbf3
1 changed files with 55 additions and 0 deletions
--- a/doc/sources/admin/hooks.rst
+++ b/doc/sources/admin/hooks.rst
@ -178,6 +178,61 @@ Sample code::
   }


+oidcGotOnlineRefresh
+~~~~~~~~~~~~~~~~~~~~
+
+.. versionadded:: 2.0.15
+
+This hook is triggered when LemonLDAP::NG handles a Refresh Token grant for an
+online session
+
+The hook's parameters are:
+
+* the configuration key of the relying party which received the grant
+* A hash of session data for the (internal) Refresh Token session
+* A hash of the user's session data
+
+Sample code::
+
+   use constant hook => {
+       oidcGotOnlineRefresh          => 'logRefresh',
+   };
+
+   sub logRefresh {
+       my ( $self, $req, $rp, $refreshInfo, $sessionInfo ) = @_;
+       my $uid = $sessionInfo->{uid};
+       $self->userLogger->info("OIDC application $rp requested a new access token for $uid");
+       return PE_OK;
+   }
+
+oidcGotOfflineRefresh
+~~~~~~~~~~~~~~~~~~~~~
+
+.. versionadded:: 2.0.15
+
+This hook is triggered when LemonLDAP::NG handles a Refresh Token grant for an
+offline session
+
+The hook's parameters are:
+
+* the configuration key of the relying party which received the grant
+* A hash of session data for the (internal) Refresh Token session, which also
+  contains user attributes
+
+Sample code::
+
+   use constant hook => {
+       oidcGotOfflineRefresh          => 'logRefreshOffline',
+   };
+
+   sub logRefreshOffline {
+       my ( $self, $req, $rp, $refreshInfo ) = @_;
+       my $uid = $refreshInfo->{uid};
+       $self->userLogger->info("OIDC application $rp used offline access for $uid");
+       return PE_OK;
+   }
+
+
 SAML Issuer hooks
 -----------------