tokens_controller.rb
# frozen_string_literal: true
module API
  module V1
    # OAuth token endpoint for API v1. Subclasses Doorkeeper's token controller
    # and replaces the revocation action so that every outcome is rendered as
    # JSON built by this class (`meta` on success, `errors` on refusal).
    #
    # `token`, `authorized?` and `revoke_token` are not defined in this file;
    # presumably they are inherited from Doorkeeper::TokensController.
    class TokensController < Doorkeeper::TokensController
      include ErrorHandlerConcern

      # Handles a token revocation request.
      #
      # Three outcomes:
      # * no token resolved          -> 200 with the "revoked" meta body
      # * token resolved, authorized -> token is revoked, then 200 with the same body
      # * token resolved, refused    -> 403 with an error body
      #
      # Only the refused case is distinguishable to the caller; the first two
      # share status and body.
      def revoke
        # An invalid or unknown token gets the same status and body as a
        # successful revocation, so the reply does not tell the caller whether
        # the submitted token ever existed.
        return render(json: token_revoke_response, status: :ok) if token.blank?

        # The token must have been issued to the client making the request;
        # when that check fails, refuse before any state is changed.
        return render(json: revocation_error_response, status: :forbidden) unless authorized?

        revoke_token
        render json: token_revoke_response, status: :ok
      end

      private

      # Error body for a refused revocation. Defined here so the refusal uses
      # the `errors:` envelope instead of the body Doorkeeper would build.
      #
      # NOTE(review): the code sent is :invalid_client while the action answers
      # with HTTP 403 - confirm API clients expect this pairing.
      # `build_error` is not defined in this file; presumably it comes from
      # ErrorHandlerConcern.
      #
      # @return [Hash] `{ errors: ... }` with the translated refusal message as detail
      def revocation_error_response
        refusal_message = I18n.t(:unauthorized, scope: %i[doorkeeper errors messages revoke])
        { errors: build_error(detail: refusal_message, code: :invalid_client) }
      end

      # Body returned for both the "nothing to revoke" and the "revoked" case.
      #
      # @return [Hash] `{ meta: <translated doorkeeper.token_revoked message> }`
      def token_revoke_response
        confirmation = I18n.t('doorkeeper.token_revoked')
        { meta: confirmation }
      end
    end
  end
end