Merge pull request #45 from XeroAPI/token-revoke-method

WIP: adds token revoke method, ready for test pypi
XeroAPI · Apr 12, 2021 · fae7381 · fae7381
2 parents 1c53f7d + c7809c5
commit fae7381
Show file tree

Hide file tree

Showing 6 changed files with 16,144 additions and 94,267 deletions.
diff --git a/docs/v1/accounting/index.html b/docs/v1/accounting/index.html
diff --git a/setup.py b/setup.py
@@ -48,5 +48,5 @@ def read_file(filename):
     keywords="xero python sdk API oAuth",
     name="xero_python",
     packages=find_packages(include=["xero_python", "xero_python.*"]),
-    version="1.5.2",
+    version="1.5.3",
 )
diff --git a/xero_python/__init__.py b/xero_python/__init__.py
@@ -2,4 +2,4 @@
 
 __author__ = """Xero Developer API"""
 __email__ = "[email protected]"
-__version__ = "1.5.2"
+__version__ = "1.5.3"
diff --git a/xero_python/api_client/__init__.py b/xero_python/api_client/__init__.py
@@ -748,6 +748,16 @@ def refresh_oauth2_token(self):
         if oauth2_token.refresh_access_token(self):
             return self.get_oauth2_token()
 
+    def revoke_oauth2_token(self):
+        """
+        Force revoke oauth2 token
+        :return: empty oauth2 token
+        """
+        oauth2_token = self.configuration.oauth2_token
+        oauth2_token.update_token(**self.get_oauth2_token())
+        if oauth2_token.revoke_access_token(self):
+            return self.get_oauth2_token()
+
     def oauth2_token_getter(self, token_getter):
         """
         A decorator to register a callback function for getting oauth2 token

diff --git a/xero_python/api_client/oauth2.py b/xero_python/api_client/oauth2.py
@@ -11,6 +11,7 @@ class TokenApi:
     """
 
     refresh_token_url = "https://identity.xero.com/connect/token"
+    revoke_token_url = "https://identity.xero.com/connect/revocation"
 
     def __init__(self, api_client, client_id, client_secret):
         self.api_client = api_client
@@ -50,6 +51,35 @@ def refresh_token(self, refresh_token, scope):
         # todo validate response is json
         return self.parse_token_response(response)
 
+    def revoke_token(self, refresh_token):
+        """
+        Call xero identity API to revoke access tokens and remove all a user's connections using refresh token
+        :param refresh_token: str auth2 refresh token
+        :return: status response
+        """
+        post_data = {
+            "token": refresh_token,
+            "client_id": self.client_id,
+            "client_secret": self.client_secret,
+        }
+        response, status, headers = self.api_client.call_api(
+            self.revoke_token_url,
+            "POST",
+            header_params={
+                "Accept": "application/json",
+                "Content-Type": "application/x-www-form-urlencoded",
+            },
+            post_params=post_data,
+            auth_settings=None,  # important to prevent infinite recursive loop
+            _preload_content=False,
+        )
+        if status != 200:
+            # todo improve error handling
+            raise Exception(
+                "refresh token status {} {} {!r}".format(status, response, headers)
+            )
+        return status
+
     def parse_token_response(self, response):
         """
         Parse token data from http response
@@ -171,6 +201,30 @@ def refresh_access_token(self, api_client):
         api_client.set_oauth2_token(new_token)
         return True
 
+    def revoke_access_token(self, api_client):
+        """
+        Perform auth2 revoke token call.
+        :param api_client:  ApiClient instance used to perform refresh token API call.
+        :return: bool - True if success
+        :raise: http request related errors
+        """
+        if not self.can_refresh_access_token():
+            return False
+        token_api = TokenApi(api_client, self.client_id, self.client_secret)
+        token_api.revoke_token(self.refresh_token)
+        new_token = {
+            "access_token": None,
+            "refresh_token": None,
+            "scope": None,
+            "expires_at": None,
+            "expires_in": None,
+            "token_type": "Bearer",
+            "id_token": None,
+        }
+        self.update_token(**new_token)
+        api_client.set_oauth2_token(new_token)
+        return True
+
     def update_token(
         self,
         access_token,

diff --git a/xero_python/docs/README.md b/xero_python/docs/README.md
@@ -4,7 +4,7 @@ These endpoints are related to managing authentication tokens and identity for X
 The `xero_python` package is automatically generated by the [XeroAPI SDK 2.0 Codegen](https://github.com/xero-github/xeroapi-sdk-codegen) project:
 
 - API version: 2.10.4
-- Package version: 1.5.2
+- Package version: 1.5.3
 - Build package: org.openapitools.codegen.languages.PythonClientCodegen
 For more information, please visit [https://developer.xero.com](https://developer.xero.com)