Closed janboddez closed 1 year ago
$response = wp_remote_post(
// phpcs:ignore Squiz.PHP.CommentedOutCode.Found,Squiz.Commenting.InlineComment.InvalidEndChar
// esc_url_raw( $this->options['pixelfed_host'] ) . '/oauth/revoke',
esc_url_raw( $this->options['pixelfed_host'] . '/oauth/tokens/' . $this->options['pixelfed_access_token'] ),
array(
'method' => 'DELETE',
'headers' => array(
'Authorization' => 'Bearer ' . $this->options['pixelfed_access_token'],
),
'timeout' => 11,
)
);
Seems this somehow always returns a status 200 and login screen.
Seems this somehow always returns a status 200 and login screen.
Because it's behind the auth
middleware and not to be used by external clients.
Rather than use Mastodon's
/oauth/revoke
, you've got to send a DELETE request to/oauth/tokens/<token>
.Because that's how Laravel Passport works.