Flask-OAuthlib: how to revoke a token


Reading the Google docs (https://developers.google.com/identity/protocols/OAuth2WebServer#callinganapi), it says I can revoke a token (and thus force a login with credentials) by calling credentials.revoke.

What would be the Flask-OAuthlib way to do this?


There is 1 answer

lepture On

Flask-OAuthlib itself didn't provide a way to revoke a token. (I'm the author of Flask-OAuthlib.)

My new project Authlib provides a revoke_token method for OAuth 2.0. However, Google's revoke token endpoint doesn't respect RFC7009, which means the revoke_token method provided by Authlib cannot be used.

You can send an HTTP request directly to the revoke token endpoint:

curl -H "Content-type:application/x-www-form-urlencoded" \
    "https://accounts.google.com/o/oauth2/revoke?token={token}"

BTW, if you need an RFC7009 revoke token method, check out the source code at https://github.com/lepture/authlib/blob/master/authlib/client/oauth2.py
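
The direct HTTP call from the answer above, written in Python so it can be called from a Flask logout view. This is an added example, not part of the original answer and not Flask-OAuthlib or Authlib code. It assumes the access token is stored as a string in a dict-like session under the hypothetical key `google_token`; `revoke_and_forget` and its `opener` parameter are names made up for this example.

```python
import urllib.error
import urllib.parse
import urllib.request

# Endpoint taken from the answer above.
GOOGLE_REVOKE_URL = "https://accounts.google.com/o/oauth2/revoke"


def build_revoke_request(token):
    """Build the POST request; the token is URL-encoded into the query string."""
    if not token:
        raise ValueError("no token to revoke")
    query = urllib.parse.urlencode({"token": token})
    return urllib.request.Request(
        f"{GOOGLE_REVOKE_URL}?{query}",
        data=b"",  # an empty body is enough to send a POST
        headers={"Content-Type": "application/x-www-form-urlencoded"},
        method="POST",
    )


def revoke_and_forget(session, key="google_token", opener=urllib.request.urlopen):
    """Revoke the stored token at Google, then drop the local copy.

    `session` is any dict-like store (for example flask.session).
    Returns True only when the endpoint answered 200.
    """
    token = session.get(key)
    if token is None:
        return False
    try:
        with opener(build_revoke_request(token), timeout=10) as resp:
            return resp.status == 200
    except urllib.error.HTTPError as exc:
        # Google's docs describe 400 for error conditions (for example a
        # token that is no longer valid). Anything else is unexpected.
        if exc.code != 400:
            raise
        return False
    finally:
        # Never keep the token locally once a revoke was attempted,
        # so the next request has to go through login again.
        session.pop(key, None)
```

A `False` return or a raised network error means the revocation was not confirmed by Google, even though the local copy is gone.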