Add revoke token

diff --git a/lib/pleroma/web/oauth/token.ex b/lib/pleroma/web/oauth/token.ex
index 40bf0ac6b9b6f04854a844c9e90e37e237866dac..380a3936051b24470b1fc1e6913f30127fdc6612 100644 (file)
--- a/lib/pleroma/web/oauth/token.ex
+++ b/lib/pleroma/web/oauth/token.ex
@@ -53,9 +53,18 @@ defmodule Pleroma.Web.OAuth.Token do
     |> Repo.delete_all()
   end
 
-  def get_user_tokens(%User{id: user_id}) do
+  def delete_user_token(%User{id: user_id}, token_id) do
     from(
       t in Pleroma.Web.OAuth.Token,
+      where: t.user_id == ^user_id,
+      where: t.id == ^token_id
+    )
+    |> Repo.delete_all()
+  end
+
+  def get_user_tokens(%User{id: user_id}) do
+    from(
+      t in Token,
       where: t.user_id == ^user_id
     )
     |> Repo.all()

diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex
index a394900b227018883217ca9b6745c4d2fc28c400..d45fa526ee02007637d5d4aed1300bc3744a72cf 100644 (file)
--- a/lib/pleroma/web/router.ex
+++ b/lib/pleroma/web/router.ex
@@ -391,6 +391,7 @@ defmodule Pleroma.Web.Router do
     get("/externalprofile/show", TwitterAPI.Controller, :external_profile)
 
     get("/oauth_tokens", TwitterAPI.Controller, :oauth_tokens)
+    delete("/oauth_tokens/:id", TwitterAPI.Controller, :revoke_token)
   end
 
   pipeline :ap_relay do

diff --git a/lib/pleroma/web/twitter_api/twitter_api_controller.ex b/lib/pleroma/web/twitter_api/twitter_api_controller.ex
index 1a43e9a60f4ad86a2ffa613e5ea3f254b068bfb0..fac05f288181ff02db9af9ba9b5a167e5a615c4f 100644 (file)
--- a/lib/pleroma/web/twitter_api/twitter_api_controller.ex
+++ b/lib/pleroma/web/twitter_api/twitter_api_controller.ex
@@ -554,6 +554,12 @@ defmodule Pleroma.Web.TwitterAPI.Controller do
     end
   end
 
+  def revoke_token(%{assigns: %{user: user}} = conn, %{"id" => id} = _params) do
+    Token.delete_user_token(user, id)
+
+    json_reply(conn, 201, "")
+  end
+
   def blocks(%{assigns: %{user: user}} = conn, _params) do
     with blocked_users <- User.blocked_users(user) do
       conn

diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs
index c50d82def38be4bbd9a255a13575c69de3f1151a..527a920fb0f2dc32b3761452749b113b6b87c9b1 100644 (file)
--- a/test/web/twitter_api/twitter_api_controller_test.exs
+++ b/test/web/twitter_api/twitter_api_controller_test.exs
@@ -8,6 +8,7 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
   alias Pleroma.Builders.{ActivityBuilder, UserBuilder}
   alias Pleroma.{Repo, Activity, User, Object, Notification}
   alias Pleroma.Web.ActivityPub.ActivityPub
+  alias Pleroma.Web.OAuth.Token
   alias Pleroma.Web.TwitterAPI.UserView
   alias Pleroma.Web.TwitterAPI.NotificationView
   alias Pleroma.Web.CommonAPI
@@ -1878,12 +1879,16 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
   end
 
   describe "GET /api/oauth_tokens" do
-    test "renders list" do
-      token = insert(:oauth_token)
+    setup do
+      token = insert(:oauth_token) |> Repo.preload(:user)
+
+      %{token: token}
+    end
 
+    test "renders list", %{token: token} do
       response =
         build_conn()
-        |> assign(:user, Repo.get(User, token.user_id))
+        |> assign(:user, token.user)
         |> get("/api/oauth_tokens")
 
       keys =
@@ -1893,5 +1898,17 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
 
       assert keys -- ["id", "refresh_token", "token", "valid_until"] == []
     end
+
+    test "revoke token", %{token: token} do
+      response =
+        build_conn()
+        |> assign(:user, token.user)
+        |> delete("/api/oauth_tokens/#{token.id}")
+
+      tokens = Token.get_user_tokens(token.user)
+
+      assert tokens == []
+      assert response.status == 201
+    end
   end
 end