added token revoke to logout

filcnaplo/lib/models/user.dart

@@ -93,4 +93,13 @@ class User {
       "refresh_user_data": "false",
     };
   }
+
+  static Map<String, Object?> logoutBody({
+    required String refreshToken,
+  }) {
+    return {
+      "refresh_token": refreshToken,
+      "client_id": KretaAPI.clientId,
+    };
+  }
 }

filcnaplo_desktop_ui/lib/screens/navigation/sidebar.dart

@@ -176,13 +176,16 @@ class _SidebarState extends State<Sidebar> {
           String? userId = user.id;
           if (userId == null) return;
 
-          // Delete User
+          // revoke refresh token
+          await Provider.of<KretaClient>(context, listen: false).logout();
+
+          // delete user from app
           user.removeUser(userId);
           await Provider.of<DatabaseProvider>(context, listen: false)
               .store
               .removeUser(userId);
 
-          // If no other Users left, go back to LoginScreen
+          // if no other users left, go back to login screen
           if (user.getUsers().isNotEmpty) {
             user.setUser(user.getUsers().first.id);
             restore().then((_) => user.setUser(user.getUsers().first.id));

filcnaplo_kreta_api/lib/client/api.dart

@@ -3,6 +3,7 @@ import 'package:intl/intl.dart';
 class KretaAPI {
   // IDP API
   static const login = BaseKreta.kretaIdp + KretaApiEndpoints.token;
+  static const logout = BaseKreta.kretaIdp + KretaApiEndpoints.revoke;
   static const nonce = BaseKreta.kretaIdp + KretaApiEndpoints.nonce;
   static const clientId = "kreta-ellenorzo-mobile-android";
 
@@ -86,6 +87,7 @@ class BaseKreta {
 
 class KretaApiEndpoints {
   static const token = "/connect/token";
+  static const revoke = "/connect/revocation";
   static const nonce = "/nonce";
   static const notes = "/ellenorzo/V3/Sajat/Feljegyzesek";
   static const events = "/ellenorzo/V3/Sajat/FaliujsagElemek";

filcnaplo_kreta_api/lib/client/client.dart

@@ -187,13 +187,15 @@ class KretaClient {
       print("DEBUG: refreshLogin: ${loginUser.id} ${loginUser.name}");
     }
 
-    Map? loginRes = await postAPI(KretaAPI.login,
+    Map? loginRes = await postAPI(
+      KretaAPI.login,
       headers: headers,
       body: User.loginBody(
         username: loginUser.username,
         password: loginUser.password,
         instituteCode: loginUser.instituteCode,
-        ));
+      ),
+    );
 
     if (loginRes != null) {
       if (loginRes.containsKey("access_token")) {
@@ -223,4 +225,22 @@ class KretaClient {
 
     _loginRefreshing = false;
   }
+
+  Future<void> logout() async {
+    User? loginUser = _user.user;
+    if (loginUser == null) return;
+
+    Map<String, String> headers = {
+      "content-type": "application/x-www-form-urlencoded",
+    };
+
+    await postAPI(
+      KretaAPI.logout,
+      headers: headers,
+      body: User.logoutBody(
+        refreshToken: refreshToken!,
+      ),
+      json: false,
+    );
+  }
 }