feat(authentication): extend TokenService for revokeable tokens

loopbackio · Mar 2, 2020 · 1c81e85 · 1c81e85
1 parent ca5f026
commit 1c81e85
Showing 1 changed file with 23 additions and 1 deletion.
diff --git a/packages/authentication/src/services/token.service.ts b/packages/authentication/src/services/token.service.ts
@@ -11,10 +11,32 @@ import {UserProfile} from '@loopback/security';
 export interface TokenService {
   /**
    * Verifies the validity of a token string and returns a user profile
+   *
+   * @param token The token/secret which should be validated/verified.
+   * @param userProfile Depending on the token system this optional parameter
+   *   can be used to check if the token is valid for the given user.
+   *
+   * @returns The UserProfile which belongs to the given token.
    */
-  verifyToken(token: string): Promise<UserProfile>;
+  verifyToken(token: string, userProfile?: UserProfile): Promise<UserProfile>;
+
   /**
    * Generates a token string based on a user profile
+   *
+   * @param userProfile A UserProfile for which a token should be generated.
+   *
+   * @returns a generated token/secret for a given UserProfile.
    */
   generateToken(userProfile: UserProfile): Promise<string>;
+
+  /**
+   * Revokes a given token (if supported by token system)
+   *
+   * @param token The token/secret which should be revoked/invalidated.
+   * @param userProfile An optional UserProfile to check if the token
+   *   is valid for a given User.
+   *
+   * @returns true, if the given token was invalidated.
+   */
+  revokeToken?(token: string, userProfile?: UserProfile): Promise<boolean>;
 }