RevokeToken
- class DIRAC.FrameworkSystem.private.authorization.grants.RevokeToken.RevocationEndpoint(server=None)
Bases:
RevocationEndpointSee
authlib.oauth2.rfc7009.RevocationEndpoint- CLIENT_AUTH_METHODS = ['client_secret_basic']
Allowed client authenticate methods
- SUPPORTED_TOKEN_TYPES = ('access_token', 'refresh_token')
Supported token types
- __init__(server=None)
- authenticate_endpoint_client(request)
Authenticate client for endpoint with
CLIENT_AUTH_METHODS.
- authenticate_token(request, client)
The client constructs the request by including the following parameters using the “application/x-www-form-urlencoded” format in the HTTP request entity-body:
- token
REQUIRED. The token that the client wants to get revoked.
- token_type_hint
OPTIONAL. A hint about the type of the token submitted for revocation.
- check_params(request, client)
- create_endpoint_request(request)
Convert framework request to OAuth2Request.
- create_endpoint_response(request)
Validate revocation request and create the response for revocation. For example, a client may request the revocation of a refresh token with the following request:
POST /revoke HTTP/1.1 Host: server.example.com Content-Type: application/x-www-form-urlencoded Authorization: Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW token=45ghiukldjahdnhzdauz&token_type_hint=refresh_token
- Returns:
(status_code, body, headers)
- create_response(validated_request: EndpointRequest) → tuple[int, Any, list] | None
Create the HTTP response from a validated request.
- Parameters:
validated_request – The validated EndpointRequest
- Returns:
Tuple of (status_code, body, headers), or None if the application should provide its own response
- query_token(token, token_type_hint, client)
Query requested token from database.
- validate_request(request: OAuth2Request) → EndpointRequest
Validate the request and return a validated request object.
- Parameters:
request – The OAuth2Request to validate
- Returns:
EndpointRequest with validated data
- Raises:
OAuth2Error – If validation fails