我在react nodejs应用程序中有google drive sign in功能。当用户点击登录时,我使用Google oauth2获取代码,并使用客户端ID和secret获取访问令牌和刷新令牌。我保存这些令牌和到期在我的数据库。现在,我想在注销时撤销令牌。下面是我打的电话:
// token => storing refreshtoken
axios.post(`https://www.googleapis.com/oauth2/v3/revoke?token=${token}`, {
})
.then((response) => {
console.log("response = ", response)
log('INFO', 'Inside getNewToken done')
return response
}).catch((error) => {
log('ERROR','Inside getNewToken, Error : ', error)
return error
})
显示"请求失败,状态码404"。我也试过
https://oauth2.googleapis.com/revoke?token=${token}
显示"请求失败,状态码为400";我哪里做错了?要调用的api是正确的
如果您查看google的发现文档openid-configuration
您将发现撤销端点应该是
"revocation_endpoint"https://oauth2.googleapis.com/revoke"
您正在使用
https://www.googleapis.com/oauth2/v3/revoke完整的disco文档响应
{
"issuer": "https://accounts.google.com",
"authorization_endpoint": "https://accounts.google.com/o/oauth2/v2/auth",
"device_authorization_endpoint": "https://oauth2.googleapis.com/device/code",
"token_endpoint": "https://oauth2.googleapis.com/token",
"userinfo_endpoint": "https://openidconnect.googleapis.com/v1/userinfo",
"revocation_endpoint": "https://oauth2.googleapis.com/revoke",
"jwks_uri": "https://www.googleapis.com/oauth2/v3/certs",
"response_types_supported": [
"code",
"token",
"id_token",
"code token",
"code id_token",
"token id_token",
"code token id_token",
"none"
],
"subject_types_supported": [
"public"
],
"id_token_signing_alg_values_supported": [
"RS256"
],
"scopes_supported": [
"openid",
"email",
"profile"
],
"token_endpoint_auth_methods_supported": [
"client_secret_post",
"client_secret_basic"
],
"claims_supported": [
"aud",
"email",
"email_verified",
"exp",
"family_name",
"given_name",
"iat",
"iss",
"locale",
"name",
"picture",
"sub"
],
"code_challenge_methods_supported": [
"plain",
"S256"
],
"grant_types_supported": [
"authorization_code",
"refresh_token",
"urn:ietf:params:oauth:grant-type:device_code",
"urn:ietf:params:oauth:grant-type:jwt-bearer"
]
}
请记住,你只能撤销一个令牌一次,所以如果它被撤销,如果你试图再次撤销它,它会给你一个错误,因为它不存在。