From dadc90bca257f2d785713a37949c3a1bf6a5243d Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Thu, 30 Apr 2020 08:47:25 +0200 Subject: [PATCH] Client calls revoke-token endpoint on logout --- client/src/app/core/auth/auth.service.ts | 13 ++++++++++++- server/controllers/plugins.ts | 2 +- server/lib/auth.ts | 2 +- 3 files changed, 14 insertions(+), 3 deletions(-) diff --git a/client/src/app/core/auth/auth.service.ts b/client/src/app/core/auth/auth.service.ts index 61d755ba0..e624c6a20 100644 --- a/client/src/app/core/auth/auth.service.ts +++ b/client/src/app/core/auth/auth.service.ts @@ -29,6 +29,7 @@ type UserLoginWithUserInformation = UserLoginWithUsername & User export class AuthService { private static BASE_CLIENT_URL = environment.apiUrl + '/api/v1/oauth-clients/local' private static BASE_TOKEN_URL = environment.apiUrl + '/api/v1/users/token' + private static BASE_REVOKE_TOKEN_URL = environment.apiUrl + '/api/v1/users/revoke-token' private static BASE_USER_INFORMATION_URL = environment.apiUrl + '/api/v1/users/me' private static LOCAL_STORAGE_OAUTH_CLIENT_KEYS = { CLIENT_ID: 'client_id', @@ -170,7 +171,17 @@ export class AuthService { } logout () { - // TODO: make an HTTP request to revoke the tokens + const authHeaderValue = this.getRequestHeaderValue() + const headers = new HttpHeaders().set('Authorization', authHeaderValue) + + this.http.post(AuthService.BASE_REVOKE_TOKEN_URL, {}, { headers }) + .subscribe( + () => { /* nothing to do */ }, + + err => console.error(err) + ) + + this.user = null AuthUser.flush() diff --git a/server/controllers/plugins.ts b/server/controllers/plugins.ts index f12e1c0f5..f88a1632d 100644 --- a/server/controllers/plugins.ts +++ b/server/controllers/plugins.ts 
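Review bot: In the `logout ()` hunk of auth.service.ts a failed revoke request is only written to `console.error`, while `this.user = null` and `AuthUser.flush()` run unconditionally, so on a network or server error the token is discarded locally but stays valid on the server until it expires. By then the client no longer holds the token, so the revocation cannot be retried; consider surfacing the failure or retrying before the flush instead of treating it as nothing to do. The hunk also passes `authHeaderValue` straight to `new HttpHeaders().set('Authorization', authHeaderValue)`; if `getRequestHeaderValue()` can return an empty value when no token is stored (its body is not shown here), wrap the request in `if (authHeaderValue) { ... }`. The body of `logout` continues past the end of the hunk.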
@@ -149,6 +149,6 @@ function handleAuthInPlugin (req: express.Request, res: express.Response) { logger.debug('Forwarding auth plugin request in %s of plugin %s.', authOptions.authName, res.locals.registeredPlugin.npmName) authOptions.onAuthRequest(req, res) } catch (err) { - logger.error('Forward request error in auth %s of plugin %s.', authOptions.authName, res.locals.registeredPlugin.npmName) + logger.error('Forward request error in auth %s of plugin %s.', authOptions.authName, res.locals.registeredPlugin.npmName, { err }) } } diff --git a/server/lib/auth.ts b/server/lib/auth.ts index 2ef77bc9c..1fa896f6e 100644 --- a/server/lib/auth.ts +++ b/server/lib/auth.ts @@ -68,7 +68,7 @@ async function handleTokenRevocation (req: express.Request, res: express.Respons // } // }) - return res.sendStatus(200) + return res.json() } async function onExternalUserAuthenticated (options: {
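Review bot: The `catch` block in `handleAuthInPlugin` logs the error but sends no response, and the function ends right after it, so if `authOptions.onAuthRequest(req, res)` throws before replying, the client's request is left hanging until it times out. Reply from the catch when nothing has been sent yet, e.g. `if (!res.headersSent) res.sendStatus(500)`. Because `{ err }` now reaches the log and originates in third-party plugin code handling an authentication request, check that plugin errors cannot carry credentials or tokens into the log output. The start of the function is outside the hunk.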
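Review bot: `return res.json()` in `handleTokenRevocation` is called without an argument; as far as I know Express then sends an empty body labelled `application/json`, which is not valid JSON and which a strict client will fail to parse. Making the success response explicit avoids depending on that behaviour: `return res.json({})` or `return res.status(204).end()`. The lines just above the return are commented-out code with no explanation, so a short comment saying why that step is disabled would help the next reader; the start of the function is outside the hunk.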