search

JamesRandall / AngularJS-OAuth2

Package for allowing an AngularJS application to authenticate with an OAuth 2 / Open ID Connect identity provider using the implicit flow.
MIT License
46 stars 42 forks source link

Revoke token #11

Closed markoradinovic closed 8 years ago

markoradinovic commented 8 years ago

Hi, I'm having trouble implementing revoke token functionality.

I find the problem in this method:

scope.signOut = function() {
        var token = accessToken.get().id_token;
        accessToken.destroy();
        endpoint.signOut(token);
};

token variable is always null;

I think it should be:

var token = accessToken.get().access_token;

Thank You for your great library.

Best regards,

Marko Radinovic

JamesRandall commented 8 years ago

Thanks Marko - I'll look to get that included shortly

BennyEmmers commented 8 years ago

This is caused when you do not include id_token in the response-type property of the oauth directive. You also have to include openId in the scope of the directive and in the scopes of the STS. If you would use access_token instead the redirect back to the SPA, after the logout page, will not work.