From b83a00aa2cdabfc20c162379c885caac0110e167 Mon Sep 17 00:00:00 2001
From: r
Date: Mon, 2 Oct 2023 06:44:26 +0000
Subject: Revoke oauth token on signout
---
 mastodon/mastodon.go | 10 ++++++++++
 service/service.go | 4 ++++
 service/transport.go | 4 ++++
 3 files changed, 18 insertions(+)
diff --git a/mastodon/mastodon.go b/mastodon/mastodon.go
index a80269d..194ca30 100644
--- a/mastodon/mastodon.go
+++ b/mastodon/mastodon.go
@@ -138,6 +138,16 @@ func (c *Client) AuthenticateToken(ctx context.Context, authCode, redirectURI st
 return c.authenticate(ctx, params)
 }
 
+func (c *Client) RevokeToken(ctx context.Context) error {
+ params := url.Values{
+ "client_id": {c.config.ClientID},
+ "client_secret": {c.config.ClientSecret},
+ "token": {c.GetAccessToken(ctx)},
+ }
+
+ return c.doAPI(ctx, http.MethodPost, "/oauth/revoke", params, nil, nil)
+}
+
 func (c *Client) authenticate(ctx context.Context, params url.Values) error {
 u, err := url.Parse(c.config.Server)
 if err != nil {
diff --git a/service/service.go b/service/service.go
index 7043310..6b8d0ee 100644
--- a/service/service.go
+++ b/service/service.go
@@ -902,6 +902,10 @@ func (s *service) Signin(c *client, code string) (err error) {
 return c.setSession(c.s)
 }
 
+func (s *service) Signout(c *client) (err error) {
+ return c.RevokeToken(c.ctx)
+}
+
 func (s *service) Post(c *client, content string, replyToID string, format string, visibility string, isNSFW bool, files []*multipart.FileHeader) (id string, err error) {
diff --git a/service/transport.go b/service/transport.go
index 69d08e2..1182d6c 100644
--- a/service/transport.go
+++ b/service/transport.go
@@ -676,6 +676,10 @@ func NewHandler(s *service, verbose bool, staticDir string) http.Handler {
 }, CSRF, HTML)
 
 signout := handle(func(c *client) error {
+ err := s.Signout(c)
+ if err != nil {
+ return err
+ }
 c.unsetSession()
 c.redirect("/")
 return nil
-- 
cgit v1.2.3
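Review bot: In `RevokeToken`, `client_secret` and the access token are placed in `params` and handed to `c.doAPI`, whose body is not part of this hunk, so the patch does not show whether they travel in the POST body or in the query string. They should be form-encoded in the body, because credentials carried in a request URL are recorded in access and proxy logs; please confirm that this is what `doAPI` does for `http.MethodPost`. The new exported method also has no doc comment; `// RevokeToken asks the server to revoke the client's current access token via POST /oauth/revoke.` would cover it.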
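Review bot: The early `return err` added to the `signout` handler runs before `c.unsetSession()`, so any failure of `s.Signout(c)` (for example when the instance cannot be reached) leaves the local session in place and the user cannot sign out. Sign-out should clear the local session unconditionally and treat remote revocation as best effort: move `c.unsetSession()` to directly after `err := s.Signout(c)`, ahead of the `if err != nil` check. How `handle` renders a returned error is not visible here, and the closure ends outside the hunk, so verify that the session cookie is still cleared on the error path.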