ESA - how to override_ `invalidate` method to call a server side action/URL

@belgoros wrote:

As ESA docs puts it:

This method is invoked as a callback when the session is invalidated. While the session will invalidate itself and clear all authenticated session data, it might be necessary for some authenticators to perform additional tasks (e.g. invalidating an access token on the server side).

how is it possible to achieve that ? I’m using implicit grant authentication and tried to put invalidate in the corresponding authenticator as follows:

Calling logout in application.js route:

#routes/application.js

actions: {
    logout() {
      this.get('session').invalidate(this.get('currentUser.user'));
    }
  },

Trying to override invalidate in the used authenticator:

#authenticators/oauth2-implicit-grant.js

import OAuth2ImplicitGrant from 'ember-simple-auth/authenticators/oauth2-implicit-grant';

export default OAuth2ImplicitGrant.extend({

invalidate(data, args) {
  console.log(data);
}
});

The output of data to the console displays:

Object { authenticator: "authenticator:oauth2-implicit-grant", access_token: XXXX, token_type: "Bearer", expires_in: "7199"}

How to call my server URL to nullify the token and what kind of response it should send ? Thank you.

Posts: 1

Participants: 1

Read full topic