Merge pull request #407 from ehapmgs/fix/revoke-authorization

Kadi Kraman · web-flow · commit ce8929333e35 · 2020-01-07T15:02:10.000Z
Fix/revoke authorization
diff --git a/index.d.ts b/index.d.ts
@@ -97,6 +97,7 @@ export interface RefreshResult {
 export interface RevokeConfiguration {
   tokenToRevoke: string;
   sendClientId?: boolean;
+  includeBasicAuthorization?: boolean;
 }
 
 export interface RefreshConfiguration {
diff --git a/index.js b/index.js
@@ -1,5 +1,6 @@
 import invariant from 'invariant';
 import { NativeModules, Platform } from 'react-native';
+import base64 from 'react-native-base64';
 
 const { RNAppAuth } = NativeModules;
 
@@ -229,8 +230,8 @@ export const refresh = (
 };
 
 export const revoke = async (
-  { clientId, issuer, serviceConfiguration },
-  { tokenToRevoke, sendClientId = false }
+  { clientId, issuer, serviceConfiguration, clientSecret },
+  { tokenToRevoke, sendClientId = false, includeBasicAuthorization = false }
 ) => {
   invariant(tokenToRevoke, 'Please include the token to revoke');
   validateClientId(clientId);
@@ -251,6 +252,12 @@ export const revoke = async (
     revocationEndpoint = openidConfig.revocation_endpoint;
   }
 
+  const headers = {
+    'Content-Type': 'application/x-www-form-urlencoded',
+  };
+  if (includeBasicAuthorization) {
+    headers.Authorization = `basic ${base64.encode(`${clientId}:${clientSecret}`)}`;
+  }
   /**
     Identity Server insists on client_id being passed in the body,
     but Google does not. According to the spec, Google is right
@@ -259,9 +266,7 @@ export const revoke = async (
   **/
   return await fetch(revocationEndpoint, {
     method: 'POST',
-    headers: {
-      'Content-Type': 'application/x-www-form-urlencoded',
-    },
+    headers,
     body: `token=${tokenToRevoke}${sendClientId ? `&client_id=${clientId}` : ''}`,
   }).catch(error => {
     throw new Error('Failed to revoke token', error);
diff --git a/package.json b/package.json
@@ -72,6 +72,12 @@
     "react-native": "^0.50.3"
   },
   "dependencies": {
-    "invariant": "^2.2.2"
+    "invariant": "^2.2.2",
+    "react-native-base64": "^0.0.2"
+  },
+  "jest": {
+    "transformIgnorePatterns": [
+      "node_modules/?!(react-native-base64)"
+    ]
   }
 }
diff --git a/yarn.lock b/yarn.lock
@@ -4113,6 +4113,11 @@ react-devtools-core@^2.5.0:
     shell-quote "^1.6.1"
     ws "^2.0.3"
 
+react-native-base64@^0.0.2:
+  version "0.0.2"
+  resolved "https://registry.yarnpkg.com/react-native-base64/-/react-native-base64-0.0.2.tgz#c28463c2c6779ac3ec5fdd12979ebc8c5f9b410a"
+  integrity sha512-Fu/J1a2y0X22EJDWqJR2oEa1fpP4gTFjYxk8ElJdt1Yak3HOXmFJ7EohLVHU2DaQkgmKfw8qb7u/48gpzveRbg==
+
 react-native@^0.50.3:
   version "0.50.3"
   resolved "https://registry.yarnpkg.com/react-native/-/react-native-0.50.3.tgz#91282bd5356cc7d794969cdc443cc764389b9af4"

Original file line number	Diff line number	Diff line change
`@@ -97,6 +97,7 @@ export interface RefreshResult {`
`97`	`97`	`export interface RevokeConfiguration {`
`98`	`98`	`tokenToRevoke: string;`
`99`	`99`	`sendClientId?: boolean;`
	`100`	`+ includeBasicAuthorization?: boolean;`
`100`	`101`	`}`
`101`	`102`
`102`	`103`	`export interface RefreshConfiguration {`
Original file line number	Diff line number	Diff line change
`@@ -72,6 +72,12 @@`
`72`	`72`	`"react-native": "^0.50.3"`
`73`	`73`	`},`
`74`	`74`	`"dependencies": {`
`75`		`- "invariant": "^2.2.2"`
	`75`	`+ "invariant": "^2.2.2",`
	`76`	`+ "react-native-base64": "^0.0.2"`
	`77`	`+ },`
	`78`	`+ "jest": {`
	`79`	`+ "transformIgnorePatterns": [`
	`80`	`+ "node_modules/?!(react-native-base64)"`
	`81`	`+ ]`
`76`	`82`	`}`
`77`	`83`	`}`