Interface RefreshTokenFamilyRevocation

Family revocation wrapper. Distinct from rotation per Theme B (per feedback_split_interface_unless_responsibility_intersects): different triggers (admin operation / logout cascade vs. normal authentication flow), different callers, different expected outcomes.

Idempotent revoke + read-only check. The default impl (createRefreshTokenFamilyRevocation) ships as defaultRefreshTokenFamilyRevocationModule.

Per A3 §5.3.

interface RefreshTokenFamilyRevocation {
isFamilyRevoked(familyId: string): Promise<boolean>;
revokeFamily(familyId: string): Promise<void>;
}

Index

Methods

isFamilyRevoked revokeFamily

Methods

isFamilyRevoked

isFamilyRevoked(familyId: string): Promise<boolean>
Read-only check whether a family is revoked.

Returns true iff a family record exists AND its revoked flag is set. Returns false if the family does not exist OR is not revoked.

Hot-path operation (called per request from token-validation routes).

Per A3 §5.3.
Parameters
- familyId: string
Returns Promise<boolean>
- Defined in packages/core/src/refresh-token-family/types.mts:281

revokeFamily

revokeFamily(familyId: string): Promise<void>
Mark a refresh-token family as revoked. Idempotent:
- family exists, not revoked → set revoked: true, commit
- family exists, already revoked → no-op success
- family does not exist → no-op success (target was already GC'd or never existed; admin tools / logout cascade should not fail in that case)
Per A3 §5.3.
Parameters
- familyId: string
Returns Promise<void>
- Defined in packages/core/src/refresh-token-family/types.mts:269

Interface RefreshTokenFamilyRevocation

Index

Methods

Methods

isFamilyRevoked

Parameters

Returns Promise<boolean>

revokeFamily

Parameters

Returns Promise<void>

Settings

On This Page