Method: OAuth2::AccessToken#revoke
- Defined in:
- lib/oauth2/access_token.rb
#revoke(params = {}) {|req| ... } ⇒ OAuth2::Response Also known as: revoke!
Note:
If the token passed to the request is an access token, the server MAY revoke the respective refresh token as well.
Note:
If the token passed to the request is a refresh token and the authorization server supports the revocation of access tokens, then the authorization server SHOULD also invalidate all access tokens based on the same authorization grant
Note:
If the server responds with HTTP status code 503, your code must assume the token still exists and may retry after a reasonable delay. The server may include a “Retry-After” header in the response to indicate how long the service is expected to be unavailable to the requesting client.
Revokes the token at the authorization server
264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 |
# File 'lib/oauth2/access_token.rb', line 264 def revoke(params = {}, &block) token_type_hint_orig = params.delete(:token_type_hint) token_type_hint = nil revoke_token = case token_type_hint_orig when "access_token", :access_token token_type_hint = "access_token" token when "refresh_token", :refresh_token token_type_hint = "refresh_token" refresh_token when nil if token token_type_hint = "access_token" token elsif refresh_token token_type_hint = "refresh_token" refresh_token end else raise OAuth2::Error.new({error: "token_type_hint must be one of [nil, :refresh_token, :access_token], so if you need something else consider using a subclass or entirely custom AccessToken class."}) end raise OAuth2::Error.new({error: "#{token_type_hint || "unknown token type"} is not available for revoking"}) unless revoke_token && !revoke_token.empty? @client.revoke_token(revoke_token, token_type_hint, params, &block) end |