this repo has no description
Allow revoke access token
- Also means storing client credentials
- A bit of cleaning up for vapid key as it's everywhere now
+77
-17
+8
-3
src/app.jsx
+8
-3
src/app.jsx
···
63
63
import store from './utils/store';
64
64
import {
65
65
getAccount,
66
+
getCredentialApplication,
66
67
getCurrentAccount,
68
+
getVapidKey,
67
69
setCurrentAccountID,
68
70
} from './utils/store-utils';
69
71
···
367
369
window.location.pathname || '/',
368
370
);
369
371
370
-
const clientID = store.sessionCookie.get('clientID');
371
-
const clientSecret = store.sessionCookie.get('clientSecret');
372
-
const vapidKey = store.sessionCookie.get('vapidKey');
372
+
const {
373
+
client_id: clientID,
374
+
client_secret: clientSecret,
375
+
vapid_key,
376
+
} = getCredentialApplication(instanceURL) || {};
377
+
const vapidKey = getVapidKey(instanceURL) || vapid_key;
373
378
const verifier = store.sessionCookie.get('codeVerifier');
374
379
375
380
(async () => {
+8
-1
src/pages/accounts.jsx
+8
-1
src/pages/accounts.jsx
···
14
14
import NameText from '../components/name-text';
15
15
import RelativeTime from '../components/relative-time';
16
16
import { api } from '../utils/api';
17
+
import { revokeAccessToken } from '../utils/auth';
17
18
import niceDateTime from '../utils/nice-date-time';
18
19
import states from '../utils/states';
19
20
import store from '../utils/store';
···
185
186
}
186
187
disabled={!isCurrent}
187
188
menuItemClassName="danger"
188
-
onClick={() => {
189
+
onClick={async () => {
189
190
// const yes = confirm('Log out?');
190
191
// if (!yes) return;
192
+
await revokeAccessToken({
193
+
instanceURL: account.instanceURL,
194
+
client_id: account.clientId,
195
+
client_secret: account.clientSecret,
196
+
token: account.accessToken,
197
+
});
191
198
accounts.splice(i, 1);
192
199
store.local.setJSON('accounts', accounts);
193
200
// location.reload();
+11
-10
src/pages/login.jsx
+11
-10
src/pages/login.jsx
···
18
18
} from '../utils/auth';
19
19
import { supportsPKCE } from '../utils/oauth-pkce';
20
20
import store from '../utils/store';
21
+
import {
22
+
getCredentialApplication,
23
+
storeCredentialApplication,
24
+
} from '../utils/store-utils';
21
25
import useTitle from '../utils/useTitle';
22
26
23
27
const { PHANPY_DEFAULT_INSTANCE: DEFAULT_INSTANCE } = import.meta.env;
···
87
91
88
92
setUIState('loading');
89
93
try {
90
-
const { client_id, client_secret, vapid_key } =
91
-
await registerApplication({
94
+
let credentialApplication = getCredentialApplication(instanceURL);
95
+
if (!credentialApplication) {
96
+
credentialApplication = await registerApplication({
92
97
instanceURL,
93
98
});
99
+
storeCredentialApplication(instanceURL, credentialApplication);
100
+
}
101
+
102
+
const { client_id, client_secret } = credentialApplication;
94
103
95
104
const authPKCE = await supportsPKCE({ instanceURL });
96
105
console.log({ authPKCE });
97
106
if (authPKCE) {
98
107
if (client_id && client_secret) {
99
-
store.sessionCookie.set('clientID', client_id);
100
-
store.sessionCookie.set('clientSecret', client_secret);
101
-
store.sessionCookie.set('vapidKey', vapid_key);
102
-
103
108
const [url, verifier] = await getPKCEAuthorizationURL({
104
109
instanceURL,
105
110
client_id,
···
111
116
}
112
117
} else {
113
118
if (client_id && client_secret) {
114
-
store.sessionCookie.set('clientID', client_id);
115
-
store.sessionCookie.set('clientSecret', client_secret);
116
-
store.sessionCookie.set('vapidKey', vapid_key);
117
-
118
119
location.href = await getAuthorizationURL({
119
120
instanceURL,
120
121
client_id,
+4
-1
src/pages/settings.jsx
+4
-1
src/pages/settings.jsx
···
24
24
import showToast from '../utils/show-toast';
25
25
import states from '../utils/states';
26
26
import store from '../utils/store';
27
-
import { getAPIVersions } from '../utils/store-utils';
27
+
import { getAPIVersions, getVapidKey } from '../utils/store-utils';
28
28
import supports from '../utils/supports';
29
29
30
30
const DEFAULT_TEXT_SIZE = 16;
···
860
860
</Link>
861
861
</p>
862
862
<p>Debugging</p>
863
+
<p>
864
+
<b>Vapid key</b>: {getVapidKey()}
865
+
</p>
863
866
{__BENCH_RESULTS?.size > 0 && (
864
867
<ul>
865
868
{Array.from(__BENCH_RESULTS.entries()).map(
+29
src/utils/auth.js
+29
src/utils/auth.js
···
105
105
console.log({ tokenJSON });
106
106
return tokenJSON;
107
107
}
108
+
109
+
export async function revokeAccessToken({
110
+
instanceURL,
111
+
client_id,
112
+
client_secret,
113
+
token,
114
+
}) {
115
+
try {
116
+
const params = new URLSearchParams({
117
+
client_id,
118
+
client_secret,
119
+
token,
120
+
});
121
+
122
+
const revokeResponse = await fetch(`https://${instanceURL}/oauth/revoke`, {
123
+
method: 'POST',
124
+
headers: {
125
+
'Content-Type': 'application/x-www-form-urlencoded',
126
+
},
127
+
body: params.toString(),
128
+
keepalive: true,
129
+
});
130
+
131
+
return revokeResponse.ok;
132
+
} catch (error) {
133
+
console.erro('Error revoking token', error);
134
+
return false;
135
+
}
136
+
}
+17
-2
src/utils/store-utils.js
+17
-2
src/utils/store-utils.js
···
169
169
return instance?.apiVersions || {};
170
170
}
171
171
172
-
export function getVapidKey() {
172
+
export function getVapidKey(instance) {
173
173
// Vapid key has moved from account to instance config
174
-
const config = getCurrentInstanceConfiguration();
174
+
const config = instance
175
+
? getInstanceConfiguration(instance)
176
+
: getCurrentInstanceConfiguration();
175
177
const vapidKey = config?.vapid?.publicKey || config?.vapid?.public_key;
176
178
return vapidKey || getCurrentAccount()?.vapidKey;
177
179
}
···
180
182
const instance = getCurrentInstance();
181
183
return /pixelfed/i.test(instance?.version);
182
184
}
185
+
186
+
const CREDENTIAL_APPLICATIONS_KEY = 'credentialApplications';
187
+
188
+
export function storeCredentialApplication(instanceURL, credentialApplication) {
189
+
const stored = store.local.getJSON(CREDENTIAL_APPLICATIONS_KEY) || {};
190
+
stored[instanceURL] = credentialApplication;
191
+
store.local.setJSON(CREDENTIAL_APPLICATIONS_KEY, stored);
192
+
}
193
+
194
+
export function getCredentialApplication(instanceURL) {
195
+
const stored = store.local.getJSON(CREDENTIAL_APPLICATIONS_KEY) || {};
196
+
return stored[instanceURL] || null;
197
+
}