fix: PR changes

lib/build/recipe/oauth2provider/api/implementation.js

@@ -91,8 +91,8 @@ function getAPIImplementation() {
         },
         revokeTokenPOST: async (input) => {
             return input.options.recipeImplementation.revokeToken({
-                token: input.body.token,
-                tokenTypeHint: input.body.tokenTypeHint,
+                authorizationHeader: input.authorizationHeader,
+                token: input.token,
                 userContext: input.userContext,
             });
         },

lib/build/recipe/oauth2provider/api/revokeToken.js

@@ -24,12 +24,12 @@ async function revokeTokenPOST(apiImplementation, options, userContext) {
         utils_1.sendNon200ResponseWithMessage(options.res, "token is required in the request body", 400);
         return true;
     }
+    const authorizationHeader =
+        options.req.getHeaderValue("authorization") || options.req.getHeaderValue("Authorization");
     let response = await apiImplementation.revokeTokenPOST({
         options,
-        body: {
-            token: body.token,
-            tokenTypeHint: body.token_type_hint,
-        },
+        authorizationHeader,
+        token: body.token,
         userContext,
     });
     utils_1.send200Response(options.res, response);

lib/build/recipe/oauth2provider/constants.d.ts

@@ -5,4 +5,4 @@ export declare const AUTH_PATH = "/oauth2provider/auth";
 export declare const TOKEN_PATH = "/oauth2provider/token";
 export declare const LOGIN_INFO_PATH = "/oauth2provider/login/info";
 export declare const USER_INFO_PATH = "/oauth2provider/userinfo";
-export declare const REVOKE_TOKEN_PATH = "/oauth2provider/token/revoke";
+export declare const REVOKE_TOKEN_PATH = "/oauth2provider/revoke";

lib/build/recipe/oauth2provider/constants.js

@@ -21,4 +21,4 @@ exports.AUTH_PATH = "/oauth2provider/auth";
 exports.TOKEN_PATH = "/oauth2provider/token";
 exports.LOGIN_INFO_PATH = "/oauth2provider/login/info";
 exports.USER_INFO_PATH = "/oauth2provider/userinfo";
-exports.REVOKE_TOKEN_PATH = "/oauth2provider/token/revoke";
+exports.REVOKE_TOKEN_PATH = "/oauth2provider/revoke";

lib/build/recipe/oauth2provider/index.d.ts

@@ -85,7 +85,6 @@ export default class Wrapper {
     }>;
     static revokeToken(
         token: string,
-        tokenTypeHint?: "access_token" | "refresh_token",
         userContext?: Record<string, any>
     ): Promise<
         | import("../../types").GeneralErrorResponse

lib/build/recipe/oauth2provider/index.js

@@ -57,10 +57,9 @@ class Wrapper {
             userContext: utils_1.getUserContext(userContext),
         });
     }
-    static revokeToken(token, tokenTypeHint, userContext) {
+    static revokeToken(token, userContext) {
         return recipe_1.default.getInstanceOrThrowError().recipeInterfaceImpl.revokeToken({
             token,
-            tokenTypeHint,
             userContext: utils_1.getUserContext(userContext),
         });
     }

lib/build/recipe/oauth2provider/recipe.js

@@ -34,6 +34,7 @@ const utils_1 = require("./utils");
 const supertokens_js_override_1 = __importDefault(require("supertokens-js-override"));
 const userInfo_1 = __importDefault(require("./api/userInfo"));
 const combinedRemoteJWKSet_1 = require("../../combinedRemoteJWKSet");
+const revokeToken_1 = __importDefault(require("./api/revokeToken"));
 class Recipe extends recipeModule_1.default {
     constructor(recipeId, appInfo, isInServerlessEnv, config) {
         super(recipeId, appInfo);
@@ -66,6 +67,9 @@ class Recipe extends recipeModule_1.default {
             if (id === constants_1.USER_INFO_PATH) {
                 return userInfo_1.default(this.apiImpl, tenantId, options, userContext);
             }
+            if (id === constants_1.REVOKE_TOKEN_PATH) {
+                return revokeToken_1.default(this.apiImpl, options, userContext);
+            }
             throw new Error("Should never come here: handleAPIRequest called with unknown id");
         };
         this.config = utils_1.validateAndNormaliseUserInput(this, appInfo, config);
@@ -153,6 +157,12 @@ class Recipe extends recipeModule_1.default {
                 id: constants_1.USER_INFO_PATH,
                 disabled: this.apiImpl.userInfoGET === undefined,
             },
+            {
+                method: "post",
+                pathWithoutApiBasePath: new normalisedURLPath_1.default(constants_1.REVOKE_TOKEN_PATH),
+                id: constants_1.REVOKE_TOKEN_PATH,
+                disabled: this.apiImpl.revokeTokenPOST === undefined,
+            },
         ];
     }
     handleError(error, _, __, _userContext) {

lib/build/recipe/oauth2provider/recipeImplementation.js

@@ -449,13 +449,12 @@ function getRecipeInterface(querier, _config, appInfo, getDefaultIdTokenPayload,
             // TODO: add a check to make sure this is the right token type as they can be signed with the same key
             return { status: "OK", payload: payload };
         },
-        revokeToken: async function ({ token, tokenTypeHint, userContext }) {
-            // TODO: Update the endpoint to the correct token revocation endpoint
+        revokeToken: async function ({ authorizationHeader, token, userContext }) {
             const res = await querier.sendPostRequest(
-                new normalisedURLPath_1.default(`/recipe/oauth2/revoke/token`),
+                new normalisedURLPath_1.default(`/recipe/oauth2/pub/revoke`),
                 {
+                    authorizationHeader,
                     token,
-                    tokenTypeHint,
                 },
                 userContext
             );

lib/build/recipe/oauth2provider/types.d.ts

@@ -235,8 +235,8 @@ export declare type RecipeInterface = {
         userContext: UserContext;
     }): Promise<JSONObject>;
     revokeToken(input: {
+        authorizationHeader?: string;
         token: string;
-        tokenTypeHint?: "access_token" | "refresh_token";
         userContext: UserContext;
     }): Promise<
         | {
@@ -322,10 +322,8 @@ export declare type APIInterface = {
     revokeTokenPOST:
         | undefined
         | ((input: {
-              body: {
-                  token: string;
-                  tokenTypeHint?: "access_token" | "refresh_token";
-              };
+              authorizationHeader?: string;
+              token: string;
               options: APIOptions;
               userContext: UserContext;
           }) => Promise<

lib/ts/querier.ts

@@ -149,6 +149,13 @@ export class Querier {
                 } else {
                     headers["content-type"] = "application/json; charset=utf-8";
                 }
+
+                // TODO: Remove this after core changes are done
+                if (body !== undefined && body["authorizationHeader"]) {
+                    headers["authorization"] = body["authorizationHeader"];
+                    delete body["authorizationHeader"];
+                }
+
                 if (Querier.apiKey !== undefined) {
                     headers = {
                         ...headers,

lib/ts/recipe/oauth2provider/api/implementation.ts

@@ -95,8 +95,8 @@ export default function getAPIImplementation(): APIInterface {
         },
         revokeTokenPOST: async (input) => {
             return input.options.recipeImplementation.revokeToken({
-                token: input.body.token,
-                tokenTypeHint: input.body.tokenTypeHint,
+                authorizationHeader: input.authorizationHeader,
+                token: input.token,
                 userContext: input.userContext,
             });
         },

lib/ts/recipe/oauth2provider/api/revokeToken.ts

@@ -33,12 +33,13 @@ export default async function revokeTokenPOST(
         return true;
     }
 
+    const authorizationHeader =
+        options.req.getHeaderValue("authorization") || options.req.getHeaderValue("Authorization");
+
     let response = await apiImplementation.revokeTokenPOST({
         options,
-        body: {
-            token: body.token,
-            tokenTypeHint: body.token_type_hint,
-        },
+        authorizationHeader,
+        token: body.token,
         userContext,
     });
 

lib/ts/recipe/oauth2provider/constants.ts

@@ -20,4 +20,4 @@ export const AUTH_PATH = "/oauth2provider/auth";
 export const TOKEN_PATH = "/oauth2provider/token";
 export const LOGIN_INFO_PATH = "/oauth2provider/login/info";
 export const USER_INFO_PATH = "/oauth2provider/userinfo";
-export const REVOKE_TOKEN_PATH = "/oauth2provider/token/revoke";
+export const REVOKE_TOKEN_PATH = "/oauth2provider/revoke";

lib/ts/recipe/oauth2provider/index.ts

@@ -69,14 +69,9 @@ export default class Wrapper {
         });
     }
 
-    static revokeToken(
-        token: string,
-        tokenTypeHint?: "access_token" | "refresh_token",
-        userContext?: Record<string, any>
-    ) {
+    static revokeToken(token: string, userContext?: Record<string, any>) {
         return Recipe.getInstanceOrThrowError().recipeInterfaceImpl.revokeToken({
             token,
-            tokenTypeHint,
             userContext: getUserContext(userContext),
         });
     }

lib/ts/recipe/oauth2provider/recipe.ts

@@ -25,7 +25,7 @@ import APIImplementation from "./api/implementation";
 import loginAPI from "./api/login";
 import tokenPOST from "./api/token";
 import loginInfoGET from "./api/loginInfo";
-import { AUTH_PATH, LOGIN_INFO_PATH, LOGIN_PATH, TOKEN_PATH, USER_INFO_PATH } from "./constants";
+import { AUTH_PATH, LOGIN_INFO_PATH, LOGIN_PATH, REVOKE_TOKEN_PATH, TOKEN_PATH, USER_INFO_PATH } from "./constants";
 import RecipeImplementation from "./recipeImplementation";
 import {
     APIInterface,
@@ -41,6 +41,7 @@ import OverrideableBuilder from "supertokens-js-override";
 import { User } from "../../user";
 import userInfoGET from "./api/userInfo";
 import { resetCombinedJWKS } from "../../combinedRemoteJWKSet";
+import revokeTokenPOST from "./api/revokeToken";
 
 export default class Recipe extends RecipeModule {
     static RECIPE_ID = "oauth2provider";
@@ -151,6 +152,12 @@ export default class Recipe extends RecipeModule {
                 id: USER_INFO_PATH,
                 disabled: this.apiImpl.userInfoGET === undefined,
             },
+            {
+                method: "post",
+                pathWithoutApiBasePath: new NormalisedURLPath(REVOKE_TOKEN_PATH),
+                id: REVOKE_TOKEN_PATH,
+                disabled: this.apiImpl.revokeTokenPOST === undefined,
+            },
         ];
     }
 
@@ -187,6 +194,9 @@ export default class Recipe extends RecipeModule {
         if (id === USER_INFO_PATH) {
             return userInfoGET(this.apiImpl, tenantId, options, userContext);
         }
+        if (id === REVOKE_TOKEN_PATH) {
+            return revokeTokenPOST(this.apiImpl, options, userContext);
+        }
         throw new Error("Should never come here: handleAPIRequest called with unknown id");
     };
 

lib/ts/recipe/oauth2provider/recipeImplementation.ts

@@ -429,13 +429,12 @@ export default function getRecipeInterface(
             return { status: "OK", payload: payload as JSONObject };
         },
 
-        revokeToken: async function (this: RecipeInterface, { token, tokenTypeHint, userContext }) {
-            // TODO: Update the endpoint to the correct token revocation endpoint
+        revokeToken: async function (this: RecipeInterface, { authorizationHeader, token, userContext }) {
             const res = await querier.sendPostRequest(
-                new NormalisedURLPath(`/recipe/oauth2/revoke/token`),
+                new NormalisedURLPath(`/recipe/oauth2/pub/revoke`),
                 {
+                    authorizationHeader,
                     token,
-                    tokenTypeHint,
                 },
                 userContext
             );

lib/ts/recipe/oauth2provider/types.ts

@@ -350,8 +350,8 @@ export type RecipeInterface = {
         userContext: UserContext;
     }): Promise<JSONObject>;
     revokeToken(input: {
+        authorizationHeader?: string;
         token: string;
-        tokenTypeHint?: "access_token" | "refresh_token";
         userContext: UserContext;
     }): Promise<{ status: "OK" } | GeneralErrorResponse>;
 };
@@ -412,10 +412,8 @@ export type APIInterface = {
     revokeTokenPOST:
         | undefined
         | ((input: {
-              body: {
-                  token: string;
-                  tokenTypeHint?: "access_token" | "refresh_token";
-              };
+              authorizationHeader?: string;
+              token: string;
               options: APIOptions;
               userContext: UserContext;
           }) => Promise<{ status: "OK" } | GeneralErrorResponse>);