Skip to content

Commit

Permalink
Update Revoke all to revoke tokens, not delete them.
Browse files Browse the repository at this point in the history
  • Loading branch information
@bryanrite
bryanrite committed Nov 4, 2013
1 parent c59a351 commit 322512d
Show file tree
Hide file tree
Showing 7 changed files with 37 additions and 2 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@
request time
- enhancements
- [#293] ActionController::Instrumentation in TokensController
- [#313] `AccessToken.revoke_all_for` actually revokes all non-revoked tokens for an application/owner instead of deleting them. [@bryanrite](https://github.com/bryanrite)
- internals
- Removes jQuery dependency

Expand Down
2 changes: 1 addition & 1 deletion lib/doorkeeper/models/access_token.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ def self.by_refresh_token(refresh_token)
end

def self.revoke_all_for(application_id, resource_owner)
delete_all_for(application_id, resource_owner)
revoke_all_active_for(application_id, resource_owner)
end

def self.matching_token_for(application, resource_owner_or_id, scopes)
Expand Down
8 changes: 8 additions & 0 deletions lib/doorkeeper/models/active_record/access_token.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,14 @@ class AccessToken < ActiveRecord::Base

self.table_name = :oauth_access_tokens

def self.revoke_all_active_for(application_id, resource_owner)
where(:application_id => application_id,
:resource_owner_id => resource_owner.id,
:revoked_at => nil)
.map(&:revoke)
end
private_class_method :revoke_all_active_for

def self.delete_all_for(application_id, resource_owner)
where(:application_id => application_id,
:resource_owner_id => resource_owner.id).delete_all
Expand Down
8 changes: 8 additions & 0 deletions lib/doorkeeper/models/mongo_mapper/access_token.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,14 @@ def self.last
self.sort(:created_at).last
end

def self.revoke_all_active_for(application_id, resource_owner)
where(:application_id => application_id,
:resource_owner_id => resource_owner.id,
:revoked_at => nil)
.map(&:revoke)
end
private_class_method :revoke_all_active_for

def self.delete_all_for(application_id, resource_owner)
delete_all(:application_id => application_id,
:resource_owner_id => resource_owner.id)
Expand Down
8 changes: 8 additions & 0 deletions lib/doorkeeper/models/mongoid2/access_token.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,14 @@ class AccessToken
index :token, :unique => true
index :refresh_token, :unique => true, :sparse => true

def self.revoke_all_active_for(application_id, resource_owner)
where(:application_id => application_id,
:resource_owner_id => resource_owner.id,
:revoked_at => nil)
.map(&:revoke)
end
private_class_method :revoke_all_active_for

def self.delete_all_for(application_id, resource_owner)
where(:application_id => application_id,
:resource_owner_id => resource_owner.id).delete_all
Expand Down
8 changes: 8 additions & 0 deletions lib/doorkeeper/models/mongoid3/access_token.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,14 @@ class AccessToken
index({ token: 1 }, { unique: true })
index({ refresh_token: 1 }, { unique: true, sparse: true })

def self.revoke_all_active_for(application_id, resource_owner)
where(:application_id => application_id,
:resource_owner_id => resource_owner.id,
:revoked_at => nil)
.map(&:revoke)
end
private_class_method :revoke_all_active_for

def self.delete_all_for(application_id, resource_owner)
where(:application_id => application_id,
:resource_owner_id => resource_owner.id).delete_all
Expand Down
4 changes: 3 additions & 1 deletion spec/models/doorkeeper/access_token_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,9 @@ module Doorkeeper
it 'revokes all tokens for given application and resource owner' do
FactoryGirl.create :access_token, default_attributes
AccessToken.revoke_all_for application.id, resource_owner
AccessToken.all.should be_empty
AccessToken.all.each do |token|
token.should be_revoked
end
end

it 'matches application' do
Expand Down

0 comments on commit 322512d

Please sign in to comment.