Diffstat (limited to 'server')
-rw-r--r--server/controllers/api/users/token.ts2
-rw-r--r--server/lib/auth/oauth-model.ts10
2 files changed, 9 insertions, 3 deletions
diff --git a/server/controllers/api/users/token.ts b/server/controllers/api/users/token.ts
index 3eae28b34..694bb0a92 100644
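--- a/server/controllers/api/users/token.ts
+++ b/server/controllers/api/users/token.ts
@@ -88,7 +88,7 @@ async function handleToken (req: express.Request, res: express.Response, next: e
 async function handleTokenRevocation (req: express.Request, res: express.Response) {
  const token = res.locals.oauth.token
 
- const result = await revokeToken(token, true)
+ const result = await revokeToken(token, { req, explicitLogout: true })
 
  return res.json(result)
 }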
diff --git a/server/lib/auth/oauth-model.ts b/server/lib/auth/oauth-model.ts
index c74869ee2..b9c69eb2d 100644
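--- a/server/lib/auth/oauth-model.ts
+++ b/server/lib/auth/oauth-model.ts
@@ -1,3 +1,4 @@
+import * as express from 'express'
 import { AccessDeniedError } from 'oauth2-server'
 import { PluginManager } from '@server/lib/plugins/plugin-manager'
 import { ActorModel } from '@server/models/activitypub/actor'
@@ -125,15 +126,20 @@ async function getUser (usernameOrEmail?: string, password?: string, bypassLogin
 
 async function revokeToken (
  tokenInfo: { refreshToken: string },
- explicitLogout?: boolean
+ options: {
+ req?: express.Request
+ explicitLogout?: boolean
+ } = {}
 ): Promise<{ success: boolean, redirectUrl?: string }> {
+ const { req, explicitLogout } = options
+
  const token = await OAuthTokenModel.getByRefreshTokenAndPopulateUser(tokenInfo.refreshToken)
 
  if (token) {
  let redirectUrl: string
 
  if (explicitLogout === true && token.User.pluginAuth && token.authName) {
- redirectUrl = await PluginManager.Instance.onLogout(token.User.pluginAuth, token.authName, token.User, this.request)
+ redirectUrl = await PluginManager.Instance.onLogout(token.User.pluginAuth, token.authName, token.User, req)
  }
 
  TokensCache.Instance.clearCacheByToken(token.accessToken)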
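Review bot: `req` is declared optional in the new `options` object of `revokeToken`, yet it is forwarded to `PluginManager.Instance.onLogout(...)` whenever `explicitLogout === true`, so a caller that sets `explicitLogout` without `req` hands the plugin hook `undefined`. Whether `onLogout` tolerates a missing request is not visible here; if it does not, tie the two fields together in the type, e.g. `options: { req?: express.Request, explicitLogout?: false } | { req: express.Request, explicitLogout: true } = {}`, or at least add the comment `// req must be provided when explicitLogout is true: it is passed to the plugin logout hook`. Separately, the `await` on `onLogout` runs before `TokensCache.Instance.clearCacheByToken(token.accessToken)`, so if the hook can reject, the cache entry would presumably stay in place and the logout would fail while the token remains usable; confirm that `onLogout` catches plugin errors. The body of `revokeToken` continues past the end of this hunk, so the rest of the revocation path was not reviewed.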