diff --git a/controllers/auth.php b/controllers/auth.php index d90652b..f6d357e 100644 --- a/controllers/auth.php +++ b/controllers/auth.php @@ -278,6 +278,8 @@ $app->get('/signout', function() use($app) { $app->post('/auth/reset', function() use($app) { if($user=require_login($app, false)) { + revoke_micropub_token($user->micropub_access_token, $user->token_endpoint); + $user->authorization_endpoint = ''; $user->token_endpoint = ''; $user->micropub_endpoint = ''; @@ -286,7 +288,7 @@ $app->post('/auth/reset', function() use($app) { $user->micropub_scope = ''; $user->micropub_access_token = ''; $user->save(); - + unset($_SESSION['auth']); unset($_SESSION['me']); unset($_SESSION['auth_state']); diff --git a/lib/helpers.php b/lib/helpers.php index a3d289d..bfcdf63 100644 --- a/lib/helpers.php +++ b/lib/helpers.php @@ -223,6 +223,17 @@ function micropub_get($endpoint, $params, $access_token) { ); } +function revoke_micropub_token($access_token, $token_endpoint) { + $ch = curl_init(); + curl_setopt($ch, CURLOPT_URL, $token_endpoint); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); + curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query([ + 'action' => 'revoke', + 'token' => $access_token, + ])); + curl_exec($ch); +} + function parse_headers($headers) { $retVal = array(); $fields = explode("\r\n", preg_replace('/\x0D\x0A[\x09\x20]+/', ' ', $headers)); diff --git a/views/settings.php b/views/settings.php index 537418c..6b69bc2 100644 --- a/views/settings.php +++ b/views/settings.php @@ -29,7 +29,7 @@