added token revoke to logout

2023-09-19 18:58:08 +02:00 · 2023-09-19 18:58:08 +02:00 · 50d1803a18
commit 50d1803a18
parent 34f9929b16
4 changed files with 43 additions and 9 deletions
--- a/filcnaplo/lib/models/user.dart
+++ b/filcnaplo/lib/models/user.dart
@ -93,4 +93,13 @@ class User {
      "refresh_user_data": "false",
    };
  }
+
+  static Map<String, Object?> logoutBody({
+    required String refreshToken,
+  }) {
+    return {
+      "refresh_token": refreshToken,
+      "client_id": KretaAPI.clientId,
+    };
+  }
 }
--- a/filcnaplo_desktop_ui/lib/screens/navigation/sidebar.dart
+++ b/filcnaplo_desktop_ui/lib/screens/navigation/sidebar.dart
@ -176,13 +176,16 @@ class _SidebarState extends State<Sidebar> {
          String? userId = user.id;
          if (userId == null) return;

-          // Delete User
+          // revoke refresh token
+          await Provider.of<KretaClient>(context, listen: false).logout();
+
+          // delete user from app
          user.removeUser(userId);
          await Provider.of<DatabaseProvider>(context, listen: false)
              .store
              .removeUser(userId);

-          // If no other Users left, go back to LoginScreen
+          // if no other users left, go back to login screen
          if (user.getUsers().isNotEmpty) {
            user.setUser(user.getUsers().first.id);
            restore().then((_) => user.setUser(user.getUsers().first.id));
--- a/filcnaplo_kreta_api/lib/client/api.dart
+++ b/filcnaplo_kreta_api/lib/client/api.dart
@ -3,6 +3,7 @@ import 'package:intl/intl.dart';
 class KretaAPI {
  // IDP API
  static const login = BaseKreta.kretaIdp + KretaApiEndpoints.token;
+  static const logout = BaseKreta.kretaIdp + KretaApiEndpoints.revoke;
  static const nonce = BaseKreta.kretaIdp + KretaApiEndpoints.nonce;
  static const clientId = "kreta-ellenorzo-mobile-android";

@ -86,6 +87,7 @@ class BaseKreta {

 class KretaApiEndpoints {
  static const token = "/connect/token";
+  static const revoke = "/connect/revocation";
  static const nonce = "/nonce";
  static const notes = "/ellenorzo/V3/Sajat/Feljegyzesek";
  static const events = "/ellenorzo/V3/Sajat/FaliujsagElemek";
--- a/filcnaplo_kreta_api/lib/client/client.dart
+++ b/filcnaplo_kreta_api/lib/client/client.dart
@ -187,13 +187,15 @@ class KretaClient {
      print("DEBUG: refreshLogin: ${loginUser.id} ${loginUser.name}");
    }

-    Map? loginRes = await postAPI(KretaAPI.login,
-        headers: headers,
-        body: User.loginBody(
-          username: loginUser.username,
-          password: loginUser.password,
-          instituteCode: loginUser.instituteCode,
-        ));
+    Map? loginRes = await postAPI(
+      KretaAPI.login,
+      headers: headers,
+      body: User.loginBody(
+        username: loginUser.username,
+        password: loginUser.password,
+        instituteCode: loginUser.instituteCode,
+      ),
+    );

    if (loginRes != null) {
      if (loginRes.containsKey("access_token")) {
@ -223,4 +225,22 @@ class KretaClient {

    _loginRefreshing = false;
  }
+
+  Future<void> logout() async {
+    User? loginUser = _user.user;
+    if (loginUser == null) return;
+
+    Map<String, String> headers = {
+      "content-type": "application/x-www-form-urlencoded",
+    };
+
+    await postAPI(
+      KretaAPI.logout,
+      headers: headers,
+      body: User.logoutBody(
+        refreshToken: refreshToken!,
+      ),
+      json: false,
+    );
+  }
 }