re-added revoke method to authentication api

closes #5530 - adds revoke api method back into code base
2015-07-07 17:39:43 -04:00 · 2015-07-07 17:39:43 -04:00 · a16be11038
parent b8a1993f14
commit a16be11038
1 changed files with 19 additions and 0 deletions
--- a/core/server/api/authentication.js
+++ b/core/server/api/authentication.js
@ -287,6 +287,25 @@ authentication = {
        }).then(function (result) {
            return Promise.resolve({users: [result]});
        });
+    },
+
+    revoke: function (object) {
+        var token;
+
+        if (object.token_type_hint && object.token_type_hint === 'access_token') {
+            token = dataProvider.Accesstoken;
+        } else if (object.token_type_hint && object.token_type_hint === 'refresh_token') {
+            token = dataProvider.Refreshtoken;
+        } else {
+            return errors.BadRequestError('Invalid token_type_hint given.');
+        }
+
+        return token.destroyByToken({token: object.token}).then(function () {
+            return Promise.resolve({token: object.token});
+        }, function () {
+            // On error we still want a 200. See https://tools.ietf.org/html/rfc7009#page-5
+            return Promise.resolve({token: object.token, error: 'Invalid token provided'});
+        });
    }
 };