search

panva / openid-client

OAuth 2 / OpenID Connect Client API for JavaScript Runtimes
MIT License
1.83k stars 392 forks source link

How to override issuer.metadata.revocation_endpoint #228

Closed manuel-di-iorio closed 4 years ago

manuel-di-iorio commented 4 years ago

Is your feature request related to a problem? Please describe. The discovery server I'm connecting to, does not return the revocation endpoint in the metadata but it actually does have one. In order to revoke user tokens I'd like to manually provide the revocation endpoint to the issuer/client but looks like the issuer.metadata object is read-only.

Example code:

const issuer = await Issuer.discover("discover server URL");
issuer.metadata.revocation_endpoint = "manually provided server revocation URL";
console.log(issuer.metadata.revocation_endpoint) // <-- undefined
client = new issuer.Client({ response_types: ['code'], client_id, client_secret });

Describe the solution you'd like Being able to replace issuer.metadata.revocation_endpoint or provide it in another way in order to call client.revoke()

panva commented 4 years ago 
const { metadata } = await Issuer.discover("discover server URL")
const issuer = new Issuer({ 
  revocation_endpoint: "manually provided server revocation URL", 
  ...metadata
})

Is that not the clear go to?

manuel-di-iorio commented 4 years ago

Nice solution, ty