From: Martin Kühl Date: Tue, 28 Aug 2018 23:25:40 +0000 (+0200) Subject: OAuth: Support /revoke endpoint for revoking tokens X-Git-Url: https://git.squeep.com/?a=commitdiff_plain;h=84d84e4ca49c02180828d65d95b841953ed04ef0;p=akkoma OAuth: Support /revoke endpoint for revoking tokens (for compatibility with Mastodon) --- diff --git a/lib/pleroma/web/oauth/oauth_controller.ex b/lib/pleroma/web/oauth/oauth_controller.ex index 934171585..160cedd8e 100644 --- a/lib/pleroma/web/oauth/oauth_controller.ex +++ b/lib/pleroma/web/oauth/oauth_controller.ex @@ -118,6 +118,18 @@ defmodule Pleroma.Web.OAuth.OAuthController do token_exchange(conn, params) end + def token_revoke(conn, %{"token" => token} = params) do + with %App{} = app <- get_app_from_request(conn, params), + %Token{} = token <- Repo.get_by(Token, token: token, app_id: app.id), + {:ok, %Token{}} <- Repo.delete(token) do + json(conn, %{}) + else + _error -> + # RFC 7009: invalid tokens [in the request] do not cause an error response + json(conn, %{}) + end + end + defp fix_padding(token) do token |> Base.url_decode64!(padding: false) diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index 927323794..5f746df31 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -93,6 +93,7 @@ defmodule Pleroma.Web.Router do get("/authorize", OAuthController, :authorize) post("/authorize", OAuthController, :create_authorization) post("/token", OAuthController, :token_exchange) + post("/revoke", OAuthController, :token_revoke) end scope "/api/v1", Pleroma.Web.MastodonAPI do