(r *http.Request)
| 29 | ) |
| 30 | |
| 31 | func extractRevocationRequest(r *http.Request) (codersdk.OAuth2TokenRevocationRequest, error) { |
| 32 | if err := r.ParseForm(); err != nil { |
| 33 | return codersdk.OAuth2TokenRevocationRequest{}, xerrors.Errorf("invalid form data: %w", err) |
| 34 | } |
| 35 | |
| 36 | req := codersdk.OAuth2TokenRevocationRequest{ |
| 37 | Token: r.Form.Get("token"), |
| 38 | TokenTypeHint: codersdk.OAuth2RevocationTokenTypeHint(r.Form.Get("token_type_hint")), |
| 39 | ClientID: r.Form.Get("client_id"), |
| 40 | ClientSecret: r.Form.Get("client_secret"), |
| 41 | } |
| 42 | |
| 43 | // RFC 7009 requires 'token' parameter. |
| 44 | if req.Token == "" { |
| 45 | return codersdk.OAuth2TokenRevocationRequest{}, xerrors.New("missing token parameter") |
| 46 | } |
| 47 | |
| 48 | return req, nil |
| 49 | } |
| 50 | |
| 51 | // RevokeToken implements RFC 7009 OAuth2 Token Revocation |
| 52 | // Authentication is unique for this endpoint in that it does not use the |
no test coverage detected