RevokeToken
- class DIRAC.FrameworkSystem.private.authorization.grants.RevokeToken.RevocationEndpoint(server)
Bases:
RevocationEndpoint
See
authlib.oauth2.rfc7009.RevocationEndpoint
- CLIENT_AUTH_METHODS = ['client_secret_basic']
Allowed client authenticate methods
- ENDPOINT_NAME = 'revocation'
Endpoint name to be registered
- SUPPORTED_TOKEN_TYPES = ('access_token', 'refresh_token')
Supported token types
- __init__(server)
- authenticate_endpoint_client(request)
Authentication client for endpoint with
CLIENT_AUTH_METHODS
.
- authenticate_token(request, client)
The client constructs the request by including the following parameters using the “application/x-www-form-urlencoded” format in the HTTP request entity-body:
- token
REQUIRED. The token that the client wants to get revoked.
- token_type_hint
OPTIONAL. A hint about the type of the token submitted for revocation.
- check_params(request, client)
- create_endpoint_request(request)
- create_endpoint_response(request)
Validate revocation request and create the response for revocation. For example, a client may request the revocation of a refresh token with the following request:
POST /revoke HTTP/1.1 Host: server.example.com Content-Type: application/x-www-form-urlencoded Authorization: Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW token=45ghiukldjahdnhzdauz&token_type_hint=refresh_token
- Returns:
(status_code, body, headers)
- query_token(token, token_type_hint, client)
Query requested token from database.