Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Psg 831 #20

Merged
merged 6 commits into from
Sep 2, 2022
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions app.go
Original file line number Diff line number Diff line change
Expand Up @@ -81,6 +81,9 @@ type AppInfo struct {
AllowedIdentifier string `json:"allowed_identifier"` // Which identifier(s) are allowed for this app (email, phone, both)
RequireIdentifierVerification bool `json:"require_identifier_verification"` // Whether this app requires identifier verification
SessionTimeoutLength int `json:"session_timeout_length"` // How long a JWT will last for the app when a user logs in
RefreshEnabled bool `json:"refresh_enabled"` // Whether this app has refresh tokens enabled
RefreshAbsoluteLifetime int `json:"refresh_absolute_lifetime"` // The absolute lifetime of a refresh token in seconds
RefreshInactivityLifetime int `json:"refresh_inactivity_lifetime"` // The inactivity lifetime of a refresh token in seconds
UserMetadataSchemaResponse []UserMetadataField `json:"user_metadata_schema"` // The schema for user_metadata that will be stored about users
Layouts Layouts `json:"layouts"` // The layouts of user_metadata on the register/profile element
}
Expand Down
19 changes: 19 additions & 0 deletions user.go
Original file line number Diff line number Diff line change
Expand Up @@ -245,3 +245,22 @@ func (a *App) RevokeUserDevice(userID, deviceID string) (bool, error) {

return true, nil
}

// Signout revokes a users refresh tokens
// returns true on success, error on failure
func (a *App) SignOut(userID string) (bool, error) {
response, err := resty.New().R().
SetAuthToken(a.Config.APIKey).
Delete(fmt.Sprintf("https://api.passage.id/v1/apps/%v/users/%v/tokens/", a.ID, userID))
if err != nil {
return false, errors.New("network error: could not get Passage User")
}
if response.StatusCode() == http.StatusNotFound {
return false, fmt.Errorf("passage User with ID \"%v\" does not exist", userID)
}
if response.StatusCode() != http.StatusOK {
return false, fmt.Errorf("failed to revoke all refresh tokens for a Passage User")
}

return true, nil
}
11 changes: 11 additions & 0 deletions user_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -136,3 +136,14 @@ func TestListUserDevices(t *testing.T) {
}

// NOTE RevokeUserDevice is not tested because it is impossible to spoof webauthn to create a device to then revoke

func TestSignOutUser(t *testing.T) {
psg, err := passage.New(PassageAppID, &passage.Config{
APIKey: PassageApiKey, // An API_KEY environment variable is required for testing.
})
require.Nil(t, err)

result, err := psg.SignOut(PassageUserID)
require.Nil(t, err)
assert.Equal(t, result, true)
}