notes/cisco_ft_securex_registration.org

notes/cisco_ft_securex_registration.org

@@ -161,9 +161,46 @@ following schema:
 
 #+begin_src clojure
 (defprotocol OrgAccessRequestService
-  (create)
-  )
+  "See iroh-auth.registraion.org-access-request.schemas/ServiceFns for schemas."
+  :extend-via-metadata true
 
+  ;; Service-to-Service API
+  (check-org-access-request-authorization!
+    [this user-id client-id org-access-request-id scopes]
+    "Throw an exception if the refresh token does not allow to
+     grant the scopes for this user and this client.
+     Should be used during the OAuth2 flows, this is not intended to be used via a Web API.")
+
+  (grant-org-access-request-authorization!
+    [this org-id user-id client-id org-access-request-id scopes]
+    "Save the user granted some refresh token in DB")
+
+  ;; User filtered CRUD+Search for REST API related methods
+  (search-org-access-requests [this user-identity filter-map pagination-params]
+    "Search all refresh token for this user")
+
+  (get-org-access-request
+    [this user-identity org-access-request-id]
+    "Return the refresh token for a user using the org-access-request-id")
+
+  (patch-org-access-request
+    [this user-identity org-access-request-id org-access-request-patch]
+    "Change the list of scopes associated to a refresh token on the server-side
+     Could also be used to enable/disable a refresh token grant.")
+
+  ;; Internal CRUD+Search
+  (raw-search-org-access-requests
+    [this filter-map pagination-params]
+    "Search all refresh token grants")
+
+  (raw-get-org-access-request
+    [this org-access-request-id]
+    "Return the refresh token grant")
+
+  (raw-patch-org-access-request
+    [this org-access-request-id org-access-request-patch]
+    "Change the list of scopes associated to a refresh token on the server-side
+     Could also be used to enable/disable a refresh token grant."))
 #+end_src
 
 **** UserIdentity