Kernel::WebApp::Controller::API::Role::HandlesOneTimeTokens

NAME

Kernel::WebApp::Controller::API::Role::HandlesOneTimeTokens – Role that overrides methods that deal with access tokens in order to make them work with one-time only tokens.

PUBLIC INTERFACE

Consume this role in addition to a user-type token handling role to change the original behavior of the access token methods so that they work with one-time only tokens. Always consume a specific user-type token handling role together with this one; otherwise it will throw an error that attributes are missing.

For example, for customer endpoints, consume the customer user type token handling role in addition to this one:

    with qw(
        Kernel::WebApp::Controller::API::Role::HandlesCustomerTokens
        Kernel::WebApp::Controller::API::Role::HandlesOneTimeTokens
    )

Or, for agent endpoints, consume the agent user type token handling role in addition to this one:

    with qw(
        Kernel::WebApp::Controller::API::Role::HandlesCustomerTokens
        Kernel::WebApp::Controller::API::Role::HandlesOneTimeTokens
    )

It works by overriding the default implementation from Kernel::WebApp::Controller::API::Role::HandlesTokens, using the around method modifier to resolve the method conflicts. Note that the original methods will never be called.

ProcessToken()

Tries to decode and validate the passed token, stores the user login in AuthenticatedUserLogin and immediately invalidates the token record in the DB.
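The override mechanism and the consume-on-use behavior described above, as an added example that is not OTRS code: the My:: packages are hypothetical stand-ins, an in-memory hash is assumed in place of the token table, and Moose is assumed to be installed. It presents the same token twice to show that the around modifier replaces the default method and that a replayed token finds no record.

```perl
use strict;
use warnings;

# Hypothetical stand-in for a user-type token role with the default behavior.
package My::Role::HandlesTokens {
    use Moose::Role;
    has TokenStore             => ( is => 'ro', isa => 'HashRef', required => 1 );
    has AuthenticatedUserLogin => ( is => 'rw', isa => 'Maybe[Str]' );

    # Default: a valid token stays usable until it expires.
    sub ProcessToken {
        my ( $Self, %Param ) = @_;
        my $Record = $Self->TokenStore()->{ $Param{Token} // '' } or return;
        return if $Record->{Expires} < time;
        $Self->AuthenticatedUserLogin( $Record->{UserLogin} );
        return 1;
    }
}

# Hypothetical one-time role: same method name, resolved with 'around'.
package My::Role::HandlesOneTimeTokens {
    use Moose::Role;

    # $Orig is received but deliberately never called, so the default is replaced.
    around ProcessToken => sub {
        my ( $Orig, $Self, %Param ) = @_;
        # Remove the record before any other check, so a replay finds nothing.
        my $Record = delete $Self->TokenStore()->{ $Param{Token} // '' } or return;
        return if $Record->{Expires} < time;
        $Self->AuthenticatedUserLogin( $Record->{UserLogin} );
        return 1;
    };
}

package My::Controller {
    use Moose;
    with qw(My::Role::HandlesTokens My::Role::HandlesOneTimeTokens);
}

package main;

# Constructed sample token record.
my %Store      = ( 'sample-token' => { UserLogin => 'jdoe', Expires => time + 60 } );
my $Controller = My::Controller->new( TokenStore => \%Store );
for my $Attempt ( 1 .. 2 ) {
    my $OK = $Controller->ProcessToken( Token => 'sample-token' );
    printf "attempt %d: %s\n", $Attempt, $OK ? 'accepted' : 'rejected';
}
```

With a real database the lookup and the delete must be a single atomic operation, otherwise two concurrent requests can both read the record before either removes it.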

IsAccessTokenValid()

Checks if the one-time JWT token is valid.

    my $AccessToken = $Self->IsAccessTokenValid(
        Token => '...' # jwt-token
    );

Returns

    K::S::AccessToken::Token - in case it exists and is valid.
    undef                    - in case it is invalid.

InvalidateAccessToken()

Deletes the passed one-time token.

    my $Result = $Self->InvalidateAccessToken();

Returns

    1     - in case access-token was successfully deleted or there isn't any in the current request.
    undef - in case any error occurs.

IsRecoveryAccessToken()

Checks if the given token is a recovery access token.

    my $Result = $Self->IsRecoveryAccessToken();

Returns

    1     - in case access-token is a recovery token.
    undef - in case any error occurs.