Psg 831 (#20)
* Implement Revoke Refresh Tokens

* update endpoint and add test

* fix test

* update app model

* Update app.go

Co-authored-by: Bert Ramirez <13988480+bertrmz@users.noreply.github.com>

* Update user.go

Co-authored-by: Bert Ramirez <13988480+bertrmz@users.noreply.github.com>

Co-authored-by: Michael Roberts <1934806+himichaelroberts@users.noreply.github.com>
Co-authored-by: Bert Ramirez <13988480+bertrmz@users.noreply.github.com>
3 people authored Sep 2, 2022
1 parent e4363a9 commit eb00d69
Showing 3 changed files with 33 additions and 0 deletions.
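--- a/app.go
+++ b/app.go
@@ -81,6 +81,9 @@ type AppInfo struct {
 AllowedIdentifier string `json:"allowed_identifier"` // Which identifier(s) are allowed for this app (email, phone, both)
 RequireIdentifierVerification bool `json:"require_identifier_verification"` // Whether this app requires identifier verification
 SessionTimeoutLength int `json:"session_timeout_length"` // How long a JWT will last for the app when a user logs in
+RefreshEnabled bool `json:"refresh_enabled"` // Whether this app has refresh tokens enabled
+RefreshAbsoluteLifetime int `json:"refresh_absolute_lifetime"` // The absolute lifetime of a refresh token in seconds
+RefreshInactivityLifetime int `json:"refresh_inactivity_lifetime"` // The inactivity lifetime of a refresh token in seconds
 UserMetadataSchemaResponse []UserMetadataField `json:"user_metadata_schema"` // The schema for user_metadata that will be stored about users
 Layouts Layouts `json:"layouts"` // The layouts of user_metadata on the register/profile element
 }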
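--- a/user.go
+++ b/user.go
@@ -245,3 +245,22 @@ func (a *App) RevokeUserDevice(userID, deviceID string) (bool, error) {
 
 return true, nil
 }
+
+// Signout revokes a users refresh tokens
+// returns true on success, error on failure
+func (a *App) SignOut(userID string) (bool, error) {
+response, err := resty.New().R().
+SetAuthToken(a.Config.APIKey).
+Delete(fmt.Sprintf("https://api.passage.id/v1/apps/%v/users/%v/tokens/", a.ID, userID))
+if err != nil {
+return false, errors.New("network error: could not get Passage User")
+}
+if response.StatusCode() == http.StatusNotFound {
+return false, fmt.Errorf("passage User with ID \"%v\" does not exist", userID)
+}
+if response.StatusCode() != http.StatusOK {
+return false, fmt.Errorf("failed to revoke all refresh tokens for a Passage User")
+}
+
+return true, nil
+}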
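Review bot: `userID` is formatted straight into the DELETE path in `SignOut`, so an empty value or one containing `/` or `?` changes which endpoint the API-key-authenticated request reaches; I would reject an empty ID up front and build the path with `url.PathEscape(userID)`. The transport-error branch discards `err` and still says "could not get Passage User", which looks copied from a lookup method; `return false, fmt.Errorf("revoking refresh tokens for user %q: %w", userID, err)` keeps the cause. The non-200 branch should include `response.StatusCode()`, because a failed revocation leaves the user's refresh tokens valid and the caller needs to tell a bad API key from a server fault. The doc comment should begin with `SignOut` (not `Signout`) so it attaches to the method in godoc.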
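--- a/user_test.go
+++ b/user_test.go
@@ -136,3 +136,14 @@ func TestListUserDevices(t *testing.T) {
 }
 
 // NOTE RevokeUserDevice is not tested because it is impossible to spoof webauthn to create a device to then revoke
+
+func TestSignOutUser(t *testing.T) {
+psg, err := passage.New(PassageAppID, &passage.Config{
+APIKey: PassageApiKey, // An API_KEY environment variable is required for testing.
+})
+require.Nil(t, err)
+
+result, err := psg.SignOut(PassageUserID)
+require.Nil(t, err)
+assert.Equal(t, result, true)
+}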
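Review bot: `TestSignOutUser` covers only the success path, so the not-found and non-200 branches of `SignOut` never run; a second case calling `psg.SignOut` with an ID that does not exist and asserting `require.Error(t, err)` would exercise the 404 branch. `assert.Equal(t, result, true)` passes its arguments in (actual, expected) order; `assert.True(t, result)` is clearer, and `require.NoError(t, err)` is the usual form for the two error checks. The test appears to run against the live API with a real key and revokes that user's tokens, so a comment stating that `PassageUserID` must be a dedicated test user would help.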
