Alexander/FitTrackee
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

API - add access token revocation

Browse Source
This commit is contained in:
Sam
2022-05-27 14:46:03 +02:00
parent 887553dd5d
commit eeae632b01
3 changed files with 81 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
fittrackee/oauth2/config.py
View File

@@ -1,7 +1,10 @@
from authlib.integrations.sqla_oauth2 import create_revocation_endpoint
from authlib.oauth2.rfc7636 import CodeChallenge
from flask import Flask
from .grants import AuthorizationCodeGrant, RefreshTokenGrant
from fittrackee import db
from .grants import AuthorizationCodeGrant, OAuth2Token, RefreshTokenGrant
from .server import authorization_server
@@ -13,3 +16,8 @@ def config_oauth(app: Flask) -> None:
AuthorizationCodeGrant, [CodeChallenge(required=True)]
)
authorization_server.register_grant(RefreshTokenGrant)
# support revocation
revocation_cls = create_revocation_endpoint(db.session, OAuth2Token)
revocation_cls.CLIENT_AUTH_METHODS = ['client_secret_post']
authorization_server.register_endpoint(revocation_cls)