diff --git a/lib/build/recipe/oauth2provider/api/implementation.js b/lib/build/recipe/oauth2provider/api/implementation.js index 48566f5ee..472fff58a 100644 --- a/lib/build/recipe/oauth2provider/api/implementation.js +++ b/lib/build/recipe/oauth2provider/api/implementation.js @@ -81,19 +81,21 @@ function getAPIImplementation() { }); }, revokeTokenPOST: async (input) => { - if ("authorizationHeader" in input) { + if ("authorizationHeader" in input && input.authorizationHeader !== undefined) { return input.options.recipeImplementation.revokeToken({ token: input.token, authorizationHeader: input.authorizationHeader, userContext: input.userContext, }); - } else { + } else if ("clientId" in input && input.clientId !== undefined) { return input.options.recipeImplementation.revokeToken({ token: input.token, clientId: input.clientId, clientSecret: input.clientSecret, userContext: input.userContext, }); + } else { + throw new Error(`Either of 'authorizationHeader' or 'clientId' must be provided`); } }, introspectTokenPOST: async (input) => { diff --git a/lib/build/recipe/oauth2provider/recipeImplementation.js b/lib/build/recipe/oauth2provider/recipeImplementation.js index 2f381a69f..2a6d65129 100644 --- a/lib/build/recipe/oauth2provider/recipeImplementation.js +++ b/lib/build/recipe/oauth2provider/recipeImplementation.js @@ -527,13 +527,13 @@ function getRecipeInterface(querier, _config, appInfo, getDefaultIdTokenPayload, $isFormData: true, token: input.token, }; - if ("authorizationHeader" in input) { + if ("authorizationHeader" in input && input.authorizationHeader !== undefined) { requestBody.authorizationHeader = input.authorizationHeader; } else { - if ("clientId" in input) { + if ("clientId" in input && input.clientId !== undefined) { requestBody.client_id = input.clientId; } - if ("clientSecret" in input) { + if ("clientSecret" in input && input.clientSecret !== undefined) { requestBody.client_secret = input.clientSecret; } } diff --git a/lib/ts/recipe/oauth2provider/api/implementation.ts b/lib/ts/recipe/oauth2provider/api/implementation.ts index e58f8c30d..8ca86eb63 100644 --- a/lib/ts/recipe/oauth2provider/api/implementation.ts +++ b/lib/ts/recipe/oauth2provider/api/implementation.ts @@ -85,19 +85,21 @@ export default function getAPIImplementation(): APIInterface { }); }, revokeTokenPOST: async (input) => { - if ("authorizationHeader" in input) { + if ("authorizationHeader" in input && input.authorizationHeader !== undefined) { return input.options.recipeImplementation.revokeToken({ token: input.token, authorizationHeader: input.authorizationHeader, userContext: input.userContext, }); - } else { + } else if ("clientId" in input && input.clientId !== undefined) { return input.options.recipeImplementation.revokeToken({ token: input.token, clientId: input.clientId, clientSecret: input.clientSecret, userContext: input.userContext, }); + } else { + throw new Error(`Either of 'authorizationHeader' or 'clientId' must be provided`); } }, introspectTokenPOST: async (input) => { diff --git a/lib/ts/recipe/oauth2provider/recipeImplementation.ts b/lib/ts/recipe/oauth2provider/recipeImplementation.ts index 6854f389d..21f2dd1d3 100644 --- a/lib/ts/recipe/oauth2provider/recipeImplementation.ts +++ b/lib/ts/recipe/oauth2provider/recipeImplementation.ts @@ -513,13 +513,13 @@ export default function getRecipeInterface( token: input.token, }; - if ("authorizationHeader" in input) { + if ("authorizationHeader" in input && input.authorizationHeader !== undefined) { requestBody.authorizationHeader = input.authorizationHeader; } else { - if ("clientId" in input) { + if ("clientId" in input && input.clientId !== undefined) { requestBody.client_id = input.clientId; } - if ("clientSecret" in input) { + if ("clientSecret" in input && input.clientSecret !== undefined) { requestBody.client_secret = input.clientSecret; } }