I am aware that you have to match the API for other languages, but this RevokeToken API is everything but intuitive in C#. I had to go check your API explorer and even try it like this:
All other API takes a SquareClient.Builder().AccessToken() but not this one. It has to go in the
RevokeTokenRequest.
Then, I need to pass in the ApplicationSecret which is called authorization on the method, rather than using the clientSecret like we can find on ObtainTokenRequest.
Then to put the cherry on top, I have to put the word Client, before my ApplicationSecret. Which makes even less sense as for the public API.
Here is a snippet of my code. The RevokeTokenAsync is so different than this ObtainTokenAsync that I had to spend extra time trying to figure out in your code what your API is really doing here.
public async Task<bool> DisconnectAsync(int contractorId, CancellationToken cancellationToken = default(CancellationToken))
{
var accessToken = await GetAccessTokenAsync(contractorId);
var request = new RevokeTokenRequest.Builder()
.ClientId(paymentSquareOptions.ApplicationId)
.AccessToken(accessToken)
.RevokeOnlyAccessToken(false)
.Build();
var response = await GetSquareClient(null).OAuthApi.RevokeTokenAsync(request, $"Client {paymentSquareOptions.ApplicationSecret}", cancellationToken);
return response.Success ?? false;
}
private async Task<(string AccessToken, string ExpiresAt, string RefreshToken)> GetAccessTokenFromAuthorizationCodeAsync(string authorizedCode, CancellationToken cancellationToken = default(CancellationToken))
{
var request = new ObtainTokenRequest.Builder(
paymentSquareOptions.ApplicationId,
paymentSquareOptions.ApplicationSecret,
AUTHORIZATION_CODE
)
.Code(authorizedCode)
.Build();
var response = await GetSquareClient(null).OAuthApi.ObtainTokenAsync(request, cancellationToken);
return (response.AccessToken, response.ExpiresAt, response.RefreshToken);
}
protected virtual internal ISquareClient GetSquareClient(string accessToken)
{
var builder = new SquareClient.Builder()
.Environment(GetEnvironment());
if (!string.IsNullOrEmpty(accessToken))
{
builder = builder
.AccessToken(accessToken);
}
return builder
.Build();
}
I would have expected the following:
var request = new RevokeTokenRequest.Builder(
paymentSquareOptions.ApplicationId,
paymentSquareOptions.ApplicationSecret
)
.AccessToken(accessToken)
.Build();
var response = await GetSquareClient(null).OAuthApi.RevokeTokenAsync(request, cancellationToken);
OR
var request = new RevokeTokenRequest.Builder(
paymentSquareOptions.ApplicationId,
paymentSquareOptions.ApplicationSecret
)
.Build();
var response = await GetSquareClient(accessToken).OAuthApi.RevokeTokenAsync(request, cancellationToken);
I am aware that you have to match the API for other languages, but this RevokeToken API is everything but intuitive in C#. I had to go check your API explorer and even try it like this:
https://developer.squareup.com/explorer/square/o-auth-api/revoke-token
Because I was getting
All other API takes a
SquareClient.Builder().AccessToken()
but not this one. It has to go in theRevokeTokenRequest
. Then, I need to pass in theApplicationSecret
which is calledauthorization
on the method, rather than using theclientSecret
like we can find onObtainTokenRequest
.Then to put the cherry on top, I have to put the word
Client
, before myApplicationSecret
. Which makes even less sense as for the public API.Here is a snippet of my code. The
RevokeTokenAsync
is so different than thisObtainTokenAsync
that I had to spend extra time trying to figure out in your code what your API is really doing here.I would have expected the following:
OR