API - revoke all token for a given client

fittrackee/oauth2/models.py

@@ -93,3 +93,15 @@ class OAuth2Token(BaseModel, OAuth2TokenMixin):
             return False
         expires_at = self.issued_at + self.expires_in * 2
         return expires_at >= time.time()
+
+    @classmethod
+    def revoke_client_tokens(cls, client_id: str) -> None:
+        sql = """
+            UPDATE oauth2_token
+            SET access_token_revoked_at = %(revoked_at)s
+            WHERE client_id = %(client_id)s;
+        """
+        db.engine.execute(
+            sql, {'client_id': client_id, 'revoked_at': int(time.time())}
+        )
+        db.session.commit()

fittrackee/oauth2/routes.py

@@ -5,7 +5,7 @@ from flask import Blueprint, Response, request
 from urllib3.util import parse_url
 
 from fittrackee import db
-from fittrackee.oauth2.models import OAuth2Client
+from fittrackee.oauth2.models import OAuth2Client, OAuth2Token
 from fittrackee.oauth2.server import require_auth
 from fittrackee.responses import (
     HttpResponse,
@@ -152,6 +152,20 @@ def delete_client(
     return {'status': 'no content'}, 204
 
 
+@oauth_blueprint.route('/oauth/apps/<int:client_id>/revoke', methods=['POST'])
+@require_auth()
+def revoke_client_tokens(
+    auth_user: User, client_id: int
+) -> Union[Dict, HttpResponse]:
+    client = OAuth2Client.query.filter_by(id=client_id).first()
+
+    if not client:
+        return NotFoundErrorResponse('OAuth client not found')
+
+    OAuth2Token.revoke_client_tokens(client.client_id)
+    return {'status': 'success'}
+
+
 @oauth_blueprint.route('/oauth/authorize', methods=['POST'])
 @require_auth()
 def authorize(auth_user: User) -> Union[HttpResponse, Dict]: