Skip to main content

Module device

Module device 

Source

Structs§

ApprovedDeviceGrant
The approved grant data the token endpoint consumes to issue tokens.
DeviceGrant
A pending RFC 8628 device authorization grant, keyed in the store by its device_code and reachable for the browser approval step through a separate user_code index.

Enums§

DeviceGrantPoll
The outcome of a token-endpoint poll, mapped to the RFC 8628 §3.5 error codes by the caller.
DeviceGrantStatus

Constants§

DEVICE_CODE_LENGTH 🔒
DEVICE_GRANT_INTERVAL_SECS
DEVICE_GRANT_LIFETIME
MAX_VERIFY_ATTEMPTS 🔒
Cap on how many times one grant’s user_code may be brought to the consent step before it self-invalidates (RFC 8628 §5.1 per-code attempt cap / §5.4 possession limit), generous enough for a page reload.
USER_CODE_CHARSET 🔒
RFC 8628 §6.1 base-20 alphabet: uppercase consonants only, so a user can type the code without modifier keys and without forming words or hitting a confusable digit.
USER_CODE_LENGTH 🔒
user_code length. Ten base-20 characters is ~43 bits: with the always-on per-IP throttle over the grant lifetime that keeps a single source well under the RFC 8628 §5.1 brute-force ceiling, while staying short enough to type.

Functions§

format_user_code
Render a stored user code for display, grouped with a single hyphen.
normalize_user_code 🔒
Fold user input back to the stored form: uppercase, keeping only charset bytes (RFC 8628 §6.1) so hyphens, spaces and case do not defeat the lookup.