Software /
code /
prosody-modules
Diff
mod_rest/example/rest.sh @ 5431:95cb7e7efa37
mod_rest/rest.sh: Add --logout to revoke token
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sun, 07 May 2023 20:42:33 +0200 |
parent | 5430:48c643c851f3 |
child | 5432:1c52efb6fd42 |
line wrap: on
line diff
--- a/mod_rest/example/rest.sh Sun May 07 20:41:35 2023 +0200 +++ b/mod_rest/example/rest.sh Sun May 07 20:42:33 2023 +0200 @@ -113,6 +113,22 @@ http --check-status -b --session rest "$USERINFO_ENDPOINT" "Authorization:Bearer $ACCESS_TOKEN" Accept:application/json >&2 AUTH_METHOD="session-read-only" AUTH_ID="rest" + +elif [[ "$1" == "--logout" ]]; then + # Revoke token + source "${XDG_CACHE_HOME:-$HOME/.cache}/rest/$HOST" + + OAUTH_META="$(http --check-status --json "https://$HOST/.well-known/oauth-authorization-server" Accept:application/json)" + REVOCATION_ENDPOINT="$(echo "$OAUTH_META" | jq -e -r '.revocation_endpoint')" + + CLIENT_ID="$(echo "$OAUTH_CLIENT_INFO" | jq -e -r '.client_id')" + CLIENT_SECRET="$(echo "$OAUTH_CLIENT_INFO" | jq -e -r '.client_secret')" + + http -h --check-status --auth "$CLIENT_ID:$CLIENT_SECRET" --form "$REVOCATION_ENDPOINT" token="$REFRESH_TOKEN" + + # Overwrite the token + typeset -p OAUTH_CLIENT_INFO > "${XDG_CACHE_HOME:-$HOME/.cache}/rest/$HOST" + exit 0 fi if [[ $# == 0 ]]; then