authorChocobozzz <me@florianbigard.com>2020-04-30 08:47:25 +0200
committerChocobozzz <chocobozzz@cpy.re>2020-05-04 16:21:39 +0200
commitdadc90bca257f2d785713a37949c3a1bf6a5243d (patch)
tree6d7a79df1c89efac2790cd46e00fea7883384314
parent5a7eecdd56120bc29b47ab071c8b8cd16efa3843 (diff)
Client calls revoke-token endpoint on logout
-rw-r--r--client/src/app/core/auth/auth.service.ts13
-rw-r--r--server/controllers/plugins.ts2
-rw-r--r--server/lib/auth.ts2
3 files changed, 14 insertions, 3 deletions
diff --git a/client/src/app/core/auth/auth.service.ts b/client/src/app/core/auth/auth.service.ts
index 61d755ba0..e624c6a20 100644
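--- a/client/src/app/core/auth/auth.service.ts
+++ b/client/src/app/core/auth/auth.service.ts
@@ -29,6 +29,7 @@ type UserLoginWithUserInformation = UserLoginWithUsername & User
 export class AuthService {
  private static BASE_CLIENT_URL = environment.apiUrl + '/api/v1/oauth-clients/local'
  private static BASE_TOKEN_URL = environment.apiUrl + '/api/v1/users/token'
+ private static BASE_REVOKE_TOKEN_URL = environment.apiUrl + '/api/v1/users/revoke-token'
  private static BASE_USER_INFORMATION_URL = environment.apiUrl + '/api/v1/users/me'
  private static LOCAL_STORAGE_OAUTH_CLIENT_KEYS = {
  CLIENT_ID: 'client_id',
@@ -170,7 +171,17 @@ export class AuthService {
  }
 
  logout () {
- // TODO: make an HTTP request to revoke the tokens
+ const authHeaderValue = this.getRequestHeaderValue()
+ const headers = new HttpHeaders().set('Authorization', authHeaderValue)
+
+ this.http.post<void>(AuthService.BASE_REVOKE_TOKEN_URL, {}, { headers })
+ .subscribe(
+ () => { /* nothing to do */ },
+
+ err => console.error(err)
+ )
+
+
  this.user = null
 
  AuthUser.flush()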
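Review bot: The revocation POST in `logout()` is fire-and-forget: `this.user = null` and `AuthUser.flush()` run right after `subscribe()` whether or not the server accepted the request, and a failure only reaches `console.error(err)`, so the access token can remain valid server-side while the UI shows the user as logged out. `getRequestHeaderValue()` is defined outside the hunk; if it can return null or an already-expired token (for example when logout follows a failed refresh), the request goes out with an unusable `Authorization` header, so I would wrap the POST in `if (authHeaderValue) { ... }`. A comment such as `// Best effort: local credentials are flushed even if server-side revocation fails` would make that trade-off explicit, and it is worth stating whether the endpoint also invalidates the refresh token. The body of `logout()` continues past the end of the hunk.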
diff --git a/server/controllers/plugins.ts b/server/controllers/plugins.ts
index f12e1c0f5..f88a1632d 100644
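--- a/server/controllers/plugins.ts
+++ b/server/controllers/plugins.ts
@@ -149,6 +149,6 @@ function handleAuthInPlugin (req: express.Request, res: express.Response) {
  logger.debug('Forwarding auth plugin request in %s of plugin %s.', authOptions.authName, res.locals.registeredPlugin.npmName)
  authOptions.onAuthRequest(req, res)
  } catch (err) {
- logger.error('Forward request error in auth %s of plugin %s.', authOptions.authName, res.locals.registeredPlugin.npmName)
+ logger.error('Forward request error in auth %s of plugin %s.', authOptions.authName, res.locals.registeredPlugin.npmName, { err })
  }
 }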
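Review bot: When `authOptions.onAuthRequest(req, res)` throws, the `catch` only logs and the handler then returns without answering, so unless the plugin had already started a response the client is left waiting on an open request. After the log line I would add `if (!res.headersSent) res.sendStatus(500)`. Because `{ err }` now places a plugin-raised error object in the log, a short comment noting that errors from an external auth flow may carry request or credential details would help anyone forwarding these logs. `handleAuthInPlugin` starts above the hunk.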
diff --git a/server/lib/auth.ts b/server/lib/auth.ts
index 2ef77bc9c..1fa896f6e 100644
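--- a/server/lib/auth.ts
+++ b/server/lib/auth.ts
@@ -68,7 +68,7 @@ async function handleTokenRevocation (req: express.Request, res: express.Respons
  // }
  // })
 
- return res.sendStatus(200)
+ return res.json()
 }
 
 async function onExternalUserAuthenticated (options: {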
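Review bot: `return res.json()` in `handleTokenRevocation` is called without a body, so what the client receives depends on how Express serialises `undefined`; stating the intent with `return res.status(204).end()` or `return res.json({})` would be clearer. The commented-out block that ends just above the return (`// }` / `// })`) is left in place without explanation; if it held revocation-side checks, a one-line comment saying why it is disabled would help a reader judge whether a success response here always means the token was revoked. The function starts above the hunk, so the revocation call itself is not visible.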