diff --git a/src/ejabberd_oauth.erl b/src/ejabberd_oauth.erl index 1d26798b0..2e812d758 100644 --- a/src/ejabberd_oauth.erl +++ b/src/ejabberd_oauth.erl @@ -65,6 +65,7 @@ -callback init() -> any(). -callback store(#oauth_token{}) -> ok | {error, any()}. -callback lookup(binary()) -> {ok, #oauth_token{}} | error. +-callback revoke(binary()) -> ok | {error, binary()}. -callback clean(non_neg_integer()) -> any(). -record(oauth_ctx, { @@ -99,12 +100,12 @@ get_commands_spec() -> result = {tokens, {list, {token, {tuple, [{token, string}, {user, string}, {scope, string}, {expires_in, string}]}}}} }, #ejabberd_commands{name = oauth_revoke_token, tags = [oauth], - desc = "Revoke authorization for a token (only Mnesia)", + desc = "Revoke authorization for a token", module = ?MODULE, function = oauth_revoke_token, - args = [{token, string}], + args = [{token, binary}], policy = restricted, - result = {tokens, {list, {token, {tuple, [{token, string}, {user, string}, {scope, string}, {expires_in, string}]}}}}, - result_desc = "List of remaining tokens" + result = {res, restuple}, + result_desc = "Result code" }, #ejabberd_commands{name = oauth_add_client_password, tags = [oauth], desc = "Add OAUTH client_id with password grant type", @@ -160,8 +161,15 @@ oauth_list_tokens() -> oauth_revoke_token(Token) -> - ok = mnesia:dirty_delete(oauth_token, list_to_binary(Token)), - oauth_list_tokens(). + DBMod = get_db_backend(), + case DBMod:revoke(Token) of + ok -> + ets_cache:delete(oauth_cache, Token, + ejabberd_cluster:get_nodes()), + {ok, ""}; + Other -> + Other + end. oauth_add_client_password(ClientID, ClientName, Secret) -> DBMod = get_db_backend(), diff --git a/src/ejabberd_oauth_mnesia.erl b/src/ejabberd_oauth_mnesia.erl index 8bb2efba7..f4060702e 100644 --- a/src/ejabberd_oauth_mnesia.erl +++ b/src/ejabberd_oauth_mnesia.erl @@ -28,13 +28,13 @@ -behaviour(ejabberd_oauth). -export([init/0, - store/1, - lookup/1, - clean/1, - lookup_client/1, - store_client/1, - remove_client/1, - use_cache/0]). + store/1, + lookup/1, + clean/1, + lookup_client/1, + store_client/1, + remove_client/1, + use_cache/0, revoke/1]). -include("ejabberd_oauth.hrl"). @@ -68,6 +68,11 @@ lookup(Token) -> error end. + +-spec revoke(binary()) -> ok | error. +revoke(Token) -> + mnesia:dirty_delete(oauth_token, Token). + clean(TS) -> F = fun() -> Ts = mnesia:select( diff --git a/src/ejabberd_oauth_rest.erl b/src/ejabberd_oauth_rest.erl index 9182ec256..a170826fb 100644 --- a/src/ejabberd_oauth_rest.erl +++ b/src/ejabberd_oauth_rest.erl @@ -32,7 +32,7 @@ lookup/1, clean/1, lookup_client/1, - store_client/1]). + store_client/1, revoke/1]). -include("ejabberd_oauth.hrl"). -include("logger.hrl"). @@ -87,6 +87,10 @@ lookup(Token) -> end end. +-spec revoke(binary()) -> ok | {error, binary()}. +revoke(_Token) -> + {error, <<"not available">>}. + clean(_TS) -> ok. diff --git a/src/ejabberd_oauth_sql.erl b/src/ejabberd_oauth_sql.erl index 89dcc590c..b73f56b78 100644 --- a/src/ejabberd_oauth_sql.erl +++ b/src/ejabberd_oauth_sql.erl @@ -28,12 +28,12 @@ -behaviour(ejabberd_oauth). -export([init/0, - store/1, - lookup/1, - clean/1, - lookup_client/1, - store_client/1, - remove_client/1]). + store/1, + lookup/1, + clean/1, + lookup_client/1, + store_client/1, + remove_client/1, revoke/1]). -include("ejabberd_oauth.hrl"). -include("ejabberd_sql_pt.hrl"). @@ -78,6 +78,16 @@ lookup(Token) -> error end. +revoke(Token) -> + case ejabberd_sql:sql_query( + ejabberd_config:get_myname(), + ?SQL("delete from oauth_token where token=%(Token)s")) of + {error, _} -> + {error, <<"db error">>}; + _ -> + ok + end. + clean(TS) -> ejabberd_sql:sql_query( ejabberd_config:get_myname(),