Merge pull request #17 from Navigraph/fix/update-logout-actions

SkySails · web-flow · commit bb16fd26abfa · 2022-10-19T18:26:19.000+02:00
diff --git a/.changeset/famous-coats-deny.md b/.changeset/famous-coats-deny.md
@@ -0,0 +1,5 @@
+---
+"@navigraph/auth": patch
+---
+
+Call token revocation endpoint on signout instead of calling endsession.
diff --git a/packages/auth/package.json b/packages/auth/package.json
@@ -31,6 +31,9 @@
   "publishConfig": {
     "access": "public"
   },
+  "engines": {
+    "node": ">=10"
+  },
   "scripts": {
     "build": "tsup src/index.ts --format esm,cjs --dts ",
     "dev": "tsup src/index.ts --format esm,cjs --watch --dts --sourcemap inline",
diff --git a/packages/auth/src/constants.ts b/packages/auth/src/constants.ts
@@ -1,3 +1,4 @@
 export const IDENTITY_ROOT = "https://identity.api.navigraph.com";
 export const IDENTITY_DEVICE_AUTH = IDENTITY_ROOT + "/connect/deviceauthorization";
 export const IDENTITY_ENDSESSION_ENDPOINT = IDENTITY_ROOT + "/connect/endsession";
+export const IDENTITY_REVOCATION_ENDPOINT = IDENTITY_ROOT + "/connect/revocation";
diff --git a/packages/auth/src/internal.ts b/packages/auth/src/internal.ts
@@ -1,4 +1,5 @@
-import { IDENTITY_ENDSESSION_ENDPOINT } from "./constants";
+import { getApp, Logger } from "@navigraph/app";
+import { IDENTITY_REVOCATION_ENDPOINT } from "./constants";
 import { authenticatedAxios } from "./network";
 import { CustomStorage, Listener, StorageKeys, User } from "./public-types";
 
@@ -38,8 +39,24 @@ export const setUser = (user: User | null) => {
 export const setInitialized = (initialized: boolean) => (INITIALIZED = initialized);
 
 export const signOut = () => {
+  const app = getApp();
+  const refreshToken = tokenStorage.getRefreshToken();
+
+  if (app && refreshToken) {
+    authenticatedAxios
+      .post(
+        IDENTITY_REVOCATION_ENDPOINT,
+        new URLSearchParams({
+          client_id: app.clientId,
+          client_secret: app.clientSecret,
+          token__type_hint: "refresh_token",
+          token: refreshToken,
+        })
+      )
+      .catch(() => Logger.warning("Failed to revoke token on signout"));
+  }
+
   tokenStorage.setAccessToken();
   tokenStorage.setRefreshToken();
   setUser(null);
-  authenticatedAxios.get(IDENTITY_ENDSESSION_ENDPOINT).catch(() => "");
 };
diff --git a/tsconfig.json b/tsconfig.json
@@ -8,6 +8,7 @@
     "moduleResolution": "node",
     "skipLibCheck": true,
     "strict": true,
+    "noImplicitAny": true,
     "isolatedModules": true,
     "noFallthroughCasesInSwitch": true,
     "esModuleInterop": true,

-Original file line number
+Diff line change
@@ @@ -0,0 +1,5 @@ @@
 +---
 +"@navigraph/auth": patch
 +---
++
 +Call token revocation endpoint on signout instead of calling endsession.