Comparison

mod_rest/example/rest.sh @ 5431:95cb7e7efa37

mod_rest/rest.sh: Add --logout to revoke token
author Kim Alvefur <zash@zash.se>
date Sun, 07 May 2023 20:42:33 +0200
parent 5430:48c643c851f3
child 5432:1c52efb6fd42
comparison
equal deleted inserted replaced
5430:48c643c851f3 5431:95cb7e7efa37
111 111
112 USERINFO_ENDPOINT="$(echo "$OAUTH_META" | jq -e -r '.userinfo_endpoint')" 112 USERINFO_ENDPOINT="$(echo "$OAUTH_META" | jq -e -r '.userinfo_endpoint')"
113 http --check-status -b --session rest "$USERINFO_ENDPOINT" "Authorization:Bearer $ACCESS_TOKEN" Accept:application/json >&2 113 http --check-status -b --session rest "$USERINFO_ENDPOINT" "Authorization:Bearer $ACCESS_TOKEN" Accept:application/json >&2
114 AUTH_METHOD="session-read-only" 114 AUTH_METHOD="session-read-only"
115 AUTH_ID="rest" 115 AUTH_ID="rest"
116
117 elif [[ "$1" == "--logout" ]]; then
118 # Revoke token
119 source "${XDG_CACHE_HOME:-$HOME/.cache}/rest/$HOST"
120
121 OAUTH_META="$(http --check-status --json "https://$HOST/.well-known/oauth-authorization-server" Accept:application/json)"
122 REVOCATION_ENDPOINT="$(echo "$OAUTH_META" | jq -e -r '.revocation_endpoint')"
123
124 CLIENT_ID="$(echo "$OAUTH_CLIENT_INFO" | jq -e -r '.client_id')"
125 CLIENT_SECRET="$(echo "$OAUTH_CLIENT_INFO" | jq -e -r '.client_secret')"
126
127 http -h --check-status --auth "$CLIENT_ID:$CLIENT_SECRET" --form "$REVOCATION_ENDPOINT" token="$REFRESH_TOKEN"
128
129 # Overwrite the token
130 typeset -p OAUTH_CLIENT_INFO > "${XDG_CACHE_HOME:-$HOME/.cache}/rest/$HOST"
131 exit 0
116 fi 132 fi
117 133
118 if [[ $# == 0 ]]; then 134 if [[ $# == 0 ]]; then
119 # Just login? 135 # Just login?
120 exit 0 136 exit 0