Revoke oauth token on signout

This commit is contained in:
r 2023-10-02 06:44:26 +00:00
parent df031d5edd
commit b83a00aa2c
3 changed files with 18 additions and 0 deletions

View file

@ -138,6 +138,16 @@ func (c *Client) AuthenticateToken(ctx context.Context, authCode, redirectURI st
return c.authenticate(ctx, params) return c.authenticate(ctx, params)
} }
func (c *Client) RevokeToken(ctx context.Context) error {
params := url.Values{
"client_id": {c.config.ClientID},
"client_secret": {c.config.ClientSecret},
"token": {c.GetAccessToken(ctx)},
}
return c.doAPI(ctx, http.MethodPost, "/oauth/revoke", params, nil, nil)
}
func (c *Client) authenticate(ctx context.Context, params url.Values) error { func (c *Client) authenticate(ctx context.Context, params url.Values) error {
u, err := url.Parse(c.config.Server) u, err := url.Parse(c.config.Server)
if err != nil { if err != nil {

View file

@ -902,6 +902,10 @@ func (s *service) Signin(c *client, code string) (err error) {
return c.setSession(c.s) return c.setSession(c.s)
} }
func (s *service) Signout(c *client) (err error) {
return c.RevokeToken(c.ctx)
}
func (s *service) Post(c *client, content string, replyToID string, func (s *service) Post(c *client, content string, replyToID string,
format string, visibility string, isNSFW bool, format string, visibility string, isNSFW bool,
files []*multipart.FileHeader) (id string, err error) { files []*multipart.FileHeader) (id string, err error) {

View file

@ -676,6 +676,10 @@ func NewHandler(s *service, verbose bool, staticDir string) http.Handler {
}, CSRF, HTML) }, CSRF, HTML)
signout := handle(func(c *client) error { signout := handle(func(c *client) error {
err := s.Signout(c)
if err != nil {
return err
}
c.unsetSession() c.unsetSession()
c.redirect("/") c.redirect("/")
return nil return nil