mod_http_oauth2 should expose an endpoint to revoke a token. This allows the web portal to securely log out the user.
Relevant standard: https://tools.ietf.org/html/rfc7009
(This is obviously not relevant right now since mod_http_oauth2 simply returns a static string as token, but it’ll become more relevant in the future, so let’s track this.)
mod_http_oauth2 should expose an endpoint to revoke a token. This allows the web portal to securely log out the user. Relevant standard: https://tools.ietf.org/html/rfc7009 (This is obviously not relevant right now since mod_http_oauth2 simply returns a static string as token, but it’ll become more relevant in the future, so let’s track this.)
Pretty sure this is planned.
Changeshttps://hg.prosody.im/prosody-modules/rev/dee6b5098278
Changes