From a16be1103863ed5afc38e152ee2229c7026f4c9c Mon Sep 17 00:00:00 2001
From: Austin Burdine <acburdine@gmail.com>
Date: Tue, 7 Jul 2015 17:39:43 -0400
Subject: [PATCH] re-added revoke method to authentication api

closes #5530
- adds revoke api method back into code base
---
 core/server/api/authentication.js | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/core/server/api/authentication.js b/core/server/api/authentication.js
index 584fc0d7bc..915eecefc4 100644
--- a/core/server/api/authentication.js
+++ b/core/server/api/authentication.js
@@ -287,6 +287,25 @@ authentication = {
         }).then(function (result) {
             return Promise.resolve({users: [result]});
         });
+    },
+
+    revoke: function (object) {
+        var token;
+
+        if (object.token_type_hint && object.token_type_hint === 'access_token') {
+            token = dataProvider.Accesstoken;
+        } else if (object.token_type_hint && object.token_type_hint === 'refresh_token') {
+            token = dataProvider.Refreshtoken;
+        } else {
+            return errors.BadRequestError('Invalid token_type_hint given.');
+        }
+
+        return token.destroyByToken({token: object.token}).then(function () {
+            return Promise.resolve({token: object.token});
+        }, function () {
+            // On error we still want a 200. See https://tools.ietf.org/html/rfc7009#page-5
+            return Promise.resolve({token: object.token, error: 'Invalid token provided'});
+        });
     }
 };