Client calls revoke-token endpoint on logout

author Chocobozzz <me@florianbigard.com>

Thu, 30 Apr 2020 06:47:25 +0000 (08:47 +0200)

committer Chocobozzz <chocobozzz@cpy.re>

Mon, 4 May 2020 14:21:39 +0000 (16:21 +0200)
author Chocobozzz <me@florianbigard.com>
Thu, 30 Apr 2020 06:47:25 +0000 (08:47 +0200)
committer Chocobozzz <chocobozzz@cpy.re>
Mon, 4 May 2020 14:21:39 +0000 (16:21 +0200)
diff --git a/client/src/app/core/auth/auth.service.ts b/client/src/app/core/auth/auth.service.ts

index 61d755ba0a14eb7651dd6671297cc00c4d143fc2..e624c6a202695aed265437f37caed232ed0e1732 100644 (file)
--- a/client/src/app/core/auth/auth.service.ts
+++ b/client/src/app/core/auth/auth.service.ts
@@ -29,6 +29,7 @@ type UserLoginWithUserInformation = UserLoginWithUsername & User
  export class AuthService {
    private static BASE_CLIENT_URL = environment.apiUrl + '/api/v1/oauth-clients/local'
    private static BASE_TOKEN_URL = environment.apiUrl + '/api/v1/users/token'
+  private static BASE_REVOKE_TOKEN_URL = environment.apiUrl + '/api/v1/users/revoke-token'
    private static BASE_USER_INFORMATION_URL = environment.apiUrl + '/api/v1/users/me'
    private static LOCAL_STORAGE_OAUTH_CLIENT_KEYS = {
      CLIENT_ID: 'client_id',
@@ -170,7 +171,17 @@ export class AuthService {
    }
  
    logout () {
-    // TODO: make an HTTP request to revoke the tokens
+    const authHeaderValue = this.getRequestHeaderValue()
+    const headers = new HttpHeaders().set('Authorization', authHeaderValue)
+
+    this.http.post<void>(AuthService.BASE_REVOKE_TOKEN_URL, {}, { headers })
+    .subscribe(
+      () => { /* nothing to do */ },
+
+      err => console.error(err)
+    )
+
+
      this.user = null
  
      AuthUser.flush()
diff --git a/server/controllers/plugins.ts b/server/controllers/plugins.ts

index f12e1c0f596c36c09fd7db1ac6e85ca7222ae135..f88a1632d7b3d5903be581a7d7f9ffc93da21c21 100644 (file)
--- a/server/controllers/plugins.ts
+++ b/server/controllers/plugins.ts
@@ -149,6 +149,6 @@ function handleAuthInPlugin (req: express.Request, res: express.Response) {
      logger.debug('Forwarding auth plugin request in %s of plugin %s.', authOptions.authName, res.locals.registeredPlugin.npmName)
      authOptions.onAuthRequest(req, res)
    } catch (err) {
-    logger.error('Forward request error in auth %s of plugin %s.', authOptions.authName, res.locals.registeredPlugin.npmName)
+    logger.error('Forward request error in auth %s of plugin %s.', authOptions.authName, res.locals.registeredPlugin.npmName, { err })
    }
  }
diff --git a/server/lib/auth.ts b/server/lib/auth.ts

index 2ef77bc9ca120d7bc05f374ecf55aa3638adeb9b..1fa896f6ef6ec9324f3b497c1ea1f82ed7cb3f77 100644 (file)
--- a/server/lib/auth.ts
+++ b/server/lib/auth.ts
@@ -68,7 +68,7 @@ async function handleTokenRevocation (req: express.Request, res: express.Respons
    //   }
    // })
  
-  return res.sendStatus(200)
+  return res.json()
  }
  
  async function onExternalUserAuthenticated (options: {
author	Chocobozzz <me@florianbigard.com>
	Thu, 30 Apr 2020 06:47:25 +0000 (08:47 +0200)
committer	Chocobozzz <chocobozzz@cpy.re>
	Mon, 4 May 2020 14:21:39 +0000 (16:21 +0200)
client/src/app/core/auth/auth.service.ts		patch \| blob \| history
server/controllers/plugins.ts		patch \| blob \| history
server/lib/auth.ts		patch \| blob \| history