Challenge

Helper object to generate and validate short single-use unique values with expiration that are suitable for use as JWT nonce/challenge.

This implementation is not a very scalable, but it is the simplest one that is persistent and would reliably detect nonce/challenge replay.

Functions

suspend fun create(expiration: Instant = Clock.System.now() + 10.minutes): String

Generates a nonce/challenge string.

suspend fun validateAndConsume(challenge: String)

Validates a nonce/challenge and atomically marks it as used, so another attempt to validate it will fail.