revokeToken method

  1. @override
Future<void> revokeToken({
  1. required String token,
  2. String? tokenTypeHint,
})
override

Revoke token

Implementation

@override
Future<void> revokeToken({
  required String token,
  String? tokenTypeHint,
}) async {
  final metadata = await _discoverMetadata();

  if (metadata.revocationEndpoint == null) {
    return; // Server doesn't support revocation
  }

  final body = <String, String>{
    'token': token,
    'client_id': config.clientId,
    if (tokenTypeHint != null) 'token_type_hint': tokenTypeHint,
  };

  final headers = <String, String>{
    'Content-Type': 'application/x-www-form-urlencoded',
  };

  if (config.clientSecret != null) {
    final credentials = base64Encode(
      utf8.encode('${config.clientId}:${config.clientSecret}'),
    );
    headers['Authorization'] = 'Basic $credentials';
  }

  await _httpClient.post(
    Uri.parse(metadata.revocationEndpoint!),
    headers: headers,
    body: body.entries
        .map((e) => '${e.key}=${Uri.encodeComponent(e.value)}')
        .join('&'),
  );
}