SuperSeriousBusiness/GoToSocial
1
1
Fork 0
mirror of https://github.com/superseriousbusiness/gotosocial synced 2025-06-05 21:59:39 +02:00
Code Issues Projects Releases Wiki Activity

[feature] Implement /oauth/revoke for token revocation (#3983)

Browse Source
This commit is contained in:
tobi
2025-04-10 16:24:17 +02:00
committed by GitHub
parent b1a4d54c14
commit e032c959e1
8 changed files with 522 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
internal/api/auth/auth.go
View File

@ -46,6 +46,7 @@ const (
OauthFinalizePath = "/finalize"
OauthOOBTokenPath = "/oob" // #nosec G101 else we get a hardcoded credentials warning
OauthTokenPath = "/token" // #nosec G101 else we get a hardcoded credentials warning
OauthRevokePath = "/revoke"
/*
params / session keys
@ -100,6 +101,7 @@ func (m *Module) RouteAuth(attachHandler func(method string, path string, f ...g
// RouteOAuth routes all paths that should have an 'oauth' prefix
func (m *Module) RouteOAuth(attachHandler func(method string, path string, f ...gin.HandlerFunc) gin.IRoutes) {
attachHandler(http.MethodPost, OauthTokenPath, m.TokenPOSTHandler)
attachHandler(http.MethodPost, OauthRevokePath, m.TokenRevokePOSTHandler)
attachHandler(http.MethodGet, OauthAuthorizePath, m.AuthorizeGETHandler)
attachHandler(http.MethodPost, OauthAuthorizePath, m.AuthorizePOSTHandler)
attachHandler(http.MethodPost, OauthFinalizePath, m.FinalizePOSTHandler)