Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

oauth2: token revocation endpoint #233

Closed
aeneasr opened this issue Aug 24, 2016 · 5 comments
Closed

oauth2: token revocation endpoint #233

aeneasr opened this issue Aug 24, 2016 · 5 comments
Assignees
@aeneasr
Labels
feat New feature or request.
Milestone
0.6.0

Comments

@aeneasr
Copy link
Member

aeneasr commented Aug 24, 2016

No description provided.

@aeneasr aeneasr added the feat New feature or request. label Aug 24, 2016
@aeneasr aeneasr self-assigned this Aug 24, 2016
@waynerobinson
Copy link

Is this to explicitly revoke tokens (e.g. by logging out)? Is there currently a revocation list for access tokens in Hydra somewhere that works with the Warden and OAuth Identity endpoints?

@aeneasr
Copy link
Member Author

aeneasr commented Sep 13, 2016

Yes, exactly, this endpoint is for revoking valid tokens. There is currently no possibility to revoke tokens.

Am 12.09.2016 um 07:14 schrieb Wayne Robinson [email protected]:

Is this to explicitly revoke tokens (e.g. by logging out)? Is there currently a revocation list for access tokens in Hydra somewhere that works with the Warden and OAuth Identity endpoints?


You are receiving this because you were assigned.
Reply to this email directly, view it on GitHub #233 (comment), or mute the thread https://github.com/notifications/unsubscribe-auth/ADN1evv99rqT3Z2Vh-q7VwR4mLpo67sEks5qpN-ggaJpZM4Jr5Ik.

aeneasr pushed a commit that referenced this issue Oct 17, 2016
* oauth2/introspect: make endpoint rfc7662 compatible - closes #289
cde615d 
* connections: remove connections API - closes #265
* oauth2: token revocation endpoint - closes #233
* vendor: update to fosite 0.5.0
@aeneasr
Copy link
Member Author

aeneasr commented Oct 24, 2016

done!

@aeneasr aeneasr closed this as completed Oct 24, 2016
@waynerobinson
Copy link

Does refreshing a token revoke the previous one? This is how other providers I've used work, but unsure as to whether that's the standard.

@aeneasr
Copy link
Member Author

aeneasr commented Oct 24, 2016

Per spec: the refresh token revokes all future refresh tokens and all access tokens issued by the refresh token. The revokation of an access token revokes all refresh tokens, given any.

aeneasr pushed a commit that referenced this issue Oct 25, 2016
@arekkas
0.6.0 (#293)
8256356 
* oauth2: scopes should be separated by %20 and not +, to ensure javascript compatibility - closes #277
* oauth2/introspect: make endpoint rfc7662 compatible - closes #289
* warden: make it clear that ladon.Request.Subject is not required or break bc and remove it - closes #270
* travis: execute gox build only when new commit is a new tag - closes #285
* docs: improve introduction (#267)
* core: (health) monitoring endpoint - closes #216
* oauth2/introspect: make endpoint rfc7662 compatible - closes #289
* connections: remove connections API - closes #265
* oauth2: token revocation endpoint - closes #233
* vendor: update to fosite 0.5.0
* core: add sql support #292
* connections: remove connections API - closes #265
* all: coverage report is missing covered lines of nested packages - closes #296
* cmd: prettify the `hydra token user` output - closes #281
* travis: make it possible for travis-ci to build forked repos - closes #295
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@aeneasr aeneasr

Labels
feat New feature or request.
Projects
None yet
Milestone
0.6.0
Development

No branches or pull requests
2 participants
@waynerobinson @aeneasr