search

manfredsteyer / angular-oauth2-oidc

Support for OAuth 2 and OpenId Connect (OIDC) in Angular.
MIT License
1.87k stars 685 forks source link

Add support for RFC 7009 (OAuth2 Token Revocation) #763

Open vvkmangalagi opened 4 years ago

vvkmangalagi commented 4 years ago

Is your feature request related to a problem? Please describe. When the user logouts from the app presently library doesn't support the revocation of the token from CIAM.

Describe the solution you'd like It’s our responsibility to revoke the access_token that CIAM has provided you during the login. To do so, you’ll need to call the revocation_endpoint you have retrieved as part of the autodiscovery document. CIAM supports the standard oAuth Revocation endpoint. for example.

const revoke_endpoint = discovery.revocation_endpoint;
const current_access_token = 'Current User Access Token'
fetch(
    revoke_endpoint,
    {
         method:"POST",
         headers : {"Content-Type": "application/x-www-form-urlencoded"},
         body: `token=${current_access_token}`
    }
)
jeroenheijmans commented 4 years ago

Are you talking about support for RFC 7009? Or some other (part of a) spec?

vvkmangalagi commented 4 years ago

Yes @jeroenheijmans I am talking about the same.

FiReBlUe45 commented 2 years ago

any news or an alternative ?