30 lines
1.5 KiB
Ruby
30 lines
1.5 KiB
Ruby
class OidcTokenCleanupJob < ApplicationJob
|
|
queue_as :default
|
|
|
|
def perform
|
|
# Delete expired access tokens (keep revoked ones for audit trail)
|
|
expired_access_tokens = OidcAccessToken.where("expires_at < ?", 7.days.ago)
|
|
deleted_count = expired_access_tokens.delete_all
|
|
Rails.logger.info "OIDC Token Cleanup: Deleted #{deleted_count} expired access tokens"
|
|
|
|
# Delete expired refresh tokens (keep revoked ones for audit trail)
|
|
expired_refresh_tokens = OidcRefreshToken.where("expires_at < ?", 7.days.ago)
|
|
deleted_count = expired_refresh_tokens.delete_all
|
|
Rails.logger.info "OIDC Token Cleanup: Deleted #{deleted_count} expired refresh tokens"
|
|
|
|
# Delete old revoked tokens (after 30 days for audit trail)
|
|
old_revoked_access_tokens = OidcAccessToken.where("revoked_at < ?", 30.days.ago)
|
|
deleted_count = old_revoked_access_tokens.delete_all
|
|
Rails.logger.info "OIDC Token Cleanup: Deleted #{deleted_count} old revoked access tokens"
|
|
|
|
old_revoked_refresh_tokens = OidcRefreshToken.where("revoked_at < ?", 30.days.ago)
|
|
deleted_count = old_revoked_refresh_tokens.delete_all
|
|
Rails.logger.info "OIDC Token Cleanup: Deleted #{deleted_count} old revoked refresh tokens"
|
|
|
|
# Delete old used authorization codes (after 7 days)
|
|
old_auth_codes = OidcAuthorizationCode.where("created_at < ?", 7.days.ago)
|
|
deleted_count = old_auth_codes.delete_all
|
|
Rails.logger.info "OIDC Token Cleanup: Deleted #{deleted_count} old authorization codes"
|
|
end
|
|
end
|