class Doorkeeper::TokensController

def revoke

OAuth 2.0 Token Revocation - https://datatracker.ietf.org/doc/html/rfc7009
# Token revocation endpoint (RFC 7009).
#
# Renders one of three responses:
# * 200 with an empty JSON object when +token+ is blank;
# * 200 with an empty JSON object after +revoke_token+ when +authorized?+ holds;
# * 403 (:forbidden) with +revocation_error_response+ otherwise.
#
# NOTE(review): +token+, +authorized?+, +revoke_token+ and
# +revocation_error_response+ are defined outside this listing. Presumably
# +token+ is blank when no stored token matches the request, and
# +authorized?+ checks that the token belongs to the calling client;
# confirm both against those helpers.
def revoke
  # RFC 7009: an invalid token is not an error for the client. The server
  # answers 200 just as it does after a successful revocation, so this
  # branch runs before any ownership check.
  return render(json: {}, status: 200) if token.blank?

  # RFC 7009: the server validates [...] whether the token was issued to
  # the client making the revocation request; when that validation fails
  # the request is refused and the client is told why.
  # NOTE(review): a caller that receives 403 here rather than 200 can
  # infer that the submitted token exists; confirm that is acceptable.
  unless authorized?
    return render(json: revocation_error_response, status: :forbidden)
  end

  # Only a present token that passed the authorization check reaches here.
  revoke_token
  render(json: {}, status: 200)
end