lib/generators/rodauth/oauth/templates/db/migrate/create_rodauth_oauth.rb in rodauth-oauth-1.4.0 vs lib/generators/rodauth/oauth/templates/db/migrate/create_rodauth_oauth.rb in rodauth-oauth-1.5.0

@@ -47,10 +47,13 @@
       t.string :request_object_encryption_enc, null: true
       t.string :request_uris, null: true
       t.boolean :require_signed_request_object, null: true
       t.boolean :require_pushed_authorization_requests, null: false, default: false
 
+      # :oauth_dpop
+      t.string :dpop_bound_access_tokens, null: true
+
       # :oauth_tls_client_auth
       t.string :tls_client_auth_subject_dn, null: true
       t.string :tls_client_auth_san_dns, null: true
       t.string :tls_client_auth_san_uri, null: true
       t.string :tls_client_auth_san_ip, null: true
@@ -84,10 +87,13 @@
       t.datetime :revoked_at
       t.string :scopes, null: false
       t.datetime :created_at, null: false, default: -> { "CURRENT_TIMESTAMP(6)" }
       t.string :access_type, null: false, default: "offline"
 
+      # :oauth_dpop enabled
+      t.string :dpop_jwk, null: true
+
       # :oauth_pkce enabled
       t.string :code_challenge
       t.string :code_challenge_method
 
       # :oauth_device_code_grant enabled
@@ -103,19 +109,24 @@
       # :oidc enabled
       t.string :nonce
       t.string :acr
       t.string :claims_locales
       t.string :claims
+
+      # :oauth_dpop enabled
+      t.string :dpop_jkt
     end
 
     create_table :oauth_pushed_requests do |t|
       t.bigint :oauth_application_id
       t.foreign_key :oauth_applications, column: :oauth_application_id
       t.string :code, null: false, index: { unique: true }
+      t.index %i[oauth_application_id code], unique: true
       t.string :params, null: false
       t.datetime :expires_in, null: false
-      t.index %i[oauth_application_id code], unique: true
+      # :oauth_dpop
+      t.string :dpop_jkt
     end
 
     create_table :oauth_saml_settings do |t|
       t.bigint :oauth_application_id
       t.foreign_key :oauth_applications, column: :oauth_application_id
@@ -124,8 +135,13 @@
       t.string :idp_cert_fingerprint_algorithm, null: true
       t.boolean :check_idp_cert_expiration, null: true
       t.text :name_identifier_format, null: true
       t.string :audience, null: true
       t.string :issuer, null: false, unique: true
+    end
+
+    create_table :oauth_dpop_proofs, primary_key: :jti do |t|
+      t.string :jti, null: false
+      t.datetime :first_use, null: false, default: -> { "CURRENT_TIMESTAMP(6)" }
     end
   end
 end