Skip to main content


abstract persistent class %OAuth2.Server.CookieSession extends %Library.Persistent, %OAuth2.Server.AbstractSession

SQL Table Name: %OAuth2_Server.CookieSession

This class implements a simple OAuth2 session maintenance class where the user's session is tracked by an opaque cookie. This is a persistent class containing basic session data indexed by the cookie value.

Property Inventory

Method Inventory


parameter COOKIENAME;
The name of the cookie used to maintain the session


property AuthTime as %Integer;
The time when the user was authenticated
Property methods: AuthTimeDisplayToLogical(), AuthTimeGet(), AuthTimeIsValid(), AuthTimeLogicalToDisplay(), AuthTimeNormalize(), AuthTimeSet()
Opaque Cookie value used to track the user's session
Property methods: CookieDisplayToLogical(), CookieGet(), CookieIsValid(), CookieLogicalToDisplay(), CookieLogicalToOdbc(), CookieNormalize(), CookieSet()
property Expires as %Integer;
Expires is the time in seconds from beginning of the Unix epoch when the session expires. If Expires="", then session does not expire.
Property methods: ExpiresDisplayToLogical(), ExpiresGet(), ExpiresIsValid(), ExpiresLogicalToDisplay(), ExpiresNormalize(), ExpiresSet()
property Scope as %String);
Scope is the blank separated list of scopes permitted for this user in this session.
Property methods: ScopeDisplayToLogical(), ScopeGet(), ScopeIsValid(), ScopeLogicalToDisplay(), ScopeLogicalToOdbc(), ScopeNormalize(), ScopeSet()
property Username as %Library.Username (COLLATION = "EXACT");
The User name associated with this session
Property methods: UsernameDisplayToLogical(), UsernameGet(), UsernameIsValid(), UsernameLogicalToDisplay(), UsernameLogicalToOdbc(), UsernameNormalize(), UsernameSet()


classmethod DeleteAll() as %Status
Delete all sessions.
classmethod GetCookie() as %String
This method will retrieve the cookie value for the current session, if one exists.
classmethod GetUser(Output scope As %String, Output authTime As %Integer, Output sc As %Status, authCode As %String = "") as %String
Return the username (and granted scopes, and authentication time) for the current session, or "" if there is no current session.
classmethod Login(username As %String, scope As %String, interval As %Integer, Output authTime As %Integer, authCode As %String = "") as %Status
Create a new session for the given user. This creates a new session Object and sets a new cookie in the User Agent referencing this session.
classmethod Logout() as %Status
Terminate the current session. This will delete the session object and all cookies associated with it and expire the cookie. Absence of a session is not seen as an error and this method will still return 1 (though it won't actually do anything if no session exists).
classmethod MakeCookieValue() as %String
This method is used to produce the cookie value for a new session.
classmethod SetCookie(value As %String, expires As %Integer)
This method will set the given cookie value in the User Agent, with the given expiration time.
classmethod Update(scope As %String, interval As %Integer) as %Status
Update the current session with the given scope values and timeout interval. This does nothing if there is no current session.


index (CookieIndex on Cookie) [IdKey, Type = key, Unique];
The IDKEY for the session class.
Index methods: CookieIndexCheck(), CookieIndexDelete(), CookieIndexExists(), CookieIndexOpen(), CookieIndexSQLCheckUnique(), CookieIndexSQLExists(), CookieIndexSQLFindPKeyByConstraint(), CookieIndexSQLFindRowIDByConstraint()
index (ExpiresIndex on Expires);
Order by expiration time
Index methods: ExpiresIndexExists()
index (UserIndex on Username);
The session is indexed by the Username
Index methods: UserIndexExists()

Inherited Members

Inherited Methods


FeedbackOpens in a new tab