From bf1e576ffa18e73df76336c00623b7efb12238d9 Mon Sep 17 00:00:00 2001
From: liquidjoo
Date: Wed, 18 Sep 2019 18:53:21 +0900
Subject: [PATCH] logout -> token revoke

---
 .../controller/sso/SsoController.java | 27 +++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/authorization-server/src/main/java/io/bluemoon/authorizationserver/controller/sso/SsoController.java b/authorization-server/src/main/java/io/bluemoon/authorizationserver/controller/sso/SsoController.java
index 483c0e6..9b30f7d 100644
--- a/authorization-server/src/main/java/io/bluemoon/authorizationserver/controller/sso/SsoController.java
+++ b/authorization-server/src/main/java/io/bluemoon/authorizationserver/controller/sso/SsoController.java
@@ -2,13 +2,30 @@ package io.bluemoon.authorizationserver.controller.sso;
 import io.bluemoon.authorizationserver.config.annotation.SocialUser;
 import io.bluemoon.authorizationserver.domain.user.User;
+import org.springframework.security.oauth2.common.OAuth2AccessToken;
+import org.springframework.security.oauth2.provider.OAuth2Authentication;
+import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
+import org.springframework.security.oauth2.provider.token.ConsumerTokenServices;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.*;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
 import java.security.Principal;
 @Controller
 public class SsoController {
+ private AuthorizationServerTokenServices authorizationServerTokenServices;
+ private ConsumerTokenServices consumerTokenServices;
+
+ public SsoController(AuthorizationServerTokenServices authorizationServerTokenServices,
+ ConsumerTokenServices consumerTokenServices) {
+ this.authorizationServerTokenServices = authorizationServerTokenServices;
+ this.consumerTokenServices = consumerTokenServices;
+ }
+ @RequestMapping(value = "/user")
 @ResponseBody
 public Principal user(Principal user) {
@@ -24,6 +41,16 @@ public class SsoController {
 }
+ @PostMapping("/revokeToken")
+ public void revokeToken(HttpServletRequest request, HttpServletResponse response, Principal principal) {
+ OAuth2Authentication oAuth2Authentication = (OAuth2Authentication) principal;
+ OAuth2AccessToken accessToken = authorizationServerTokenServices.getAccessToken(oAuth2Authentication);
+ consumerTokenServices.revokeToken(accessToken.getValue());
+ HttpSession httpSession = request.getSession();
+ httpSession.invalidate();
+ }
+
+
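Review bot: In the first hunk (`@@ -2,13 +2,30 @@`) the two injected fields are assigned only in the constructor but are not declared `final`, so nothing stops a later change from reassigning the token services after construction. Declaring them as `private final AuthorizationServerTokenServices authorizationServerTokenServices;` and `private final ConsumerTokenServices consumerTokenServices;` makes the controller's collaborators immutable and lets the compiler enforce that the constructor sets both. The class body continues outside the hunk.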
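Review bot: In `revokeToken` (second hunk) the result of `authorizationServerTokenServices.getAccessToken(...)` is dereferenced without a null check, and that method returns null when no token is stored for the authentication, so `accessToken.getValue()` would throw before `httpSession.invalidate()` runs and the session would survive the logout. The unconditional cast `(OAuth2Authentication) principal` fails the same way if the caller is authenticated by another mechanism or not at all; how this endpoint is secured is not visible in the patch. Guard the cast with `instanceof`, skip revocation when no token is found, and invalidate the session in a `finally` using `request.getSession(false)` so a logout never creates a session just to discard it. The boolean returned by `consumerTokenServices.revokeToken` is also ignored; logging a failed revocation would help auditing.

```java
@PostMapping("/revokeToken")
public void revokeToken(HttpServletRequest request, HttpServletResponse response, Principal principal) {
    try {
        if (principal instanceof OAuth2Authentication) {
            OAuth2AccessToken accessToken =
                    authorizationServerTokenServices.getAccessToken((OAuth2Authentication) principal);
            if (accessToken != null) {
                consumerTokenServices.revokeToken(accessToken.getValue());
            }
        }
    } finally {
        // End the local session even when there was no token to revoke or revocation failed.
        HttpSession httpSession = request.getSession(false);
        if (httpSession != null) {
            httpSession.invalidate();
        }
    }
}
```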