Programmatically logout OAuth Connector in Drupal 7

Question

I am using OAuth Connector module to authenticate a user from an external source. Each user on the external source has a corresponding Drupal user account.

After successful oath authentication, user is programmatically logged in with a matching Drupal user account using user_authenticate and user_login_finalize.

When the drupal user logs out, I want to revoke OAuth access programmatically in user_logout. But I could not find any logout/revoke/destroy/invalidate method in any of the OAuth classes.

What is the correct way to programmatically logout an authenticated OAuth user in Drupal 7?

P.S. I know the system i have mentioned above is very inconvenient and there are many better ways to share user accounts between sites but my question is limited to 'how to logout in Drupal 7 OAuth connector module'.

EDIT: If I clear the saved OAuth tokens is it similar to logging out? Can anyone shed more light on what all data is stored by OAuth module and how to clear it if there is no direct logout option?

I am new to drupal and thought this was a rookie question. Expected someone to give me a one liner answer for this. Surprising that i have not got a single reply even after starting a bounty. — Swapnil Luktuke, Mar 03 '14 at 10:13
i can't believe my bounty is going to go waste... unanswered... — Swapnil Luktuke, Mar 04 '14 at 07:31

score 3 · Answer 1 · answered Mar 04 '14 at 12:59

3

If I understand your question correctly, you can just call user_logout() to programmatically logout an authenticated user.

This is possible because the Connector module (upon which OAuth Connector is based) incorporates hook_user_logout() to propagate the logout call to the OAuth provider.

Hopefully this answers your question?

Note: is there a specific reason why you aren't using the more popular (and stable) OAuth module?

answered Mar 04 '14 at 12:59

Propaganistas

1,674
1
17
40

I will try your solution. Regarding OAuth module, i felt it was more suitable for implementing OAuth server where as i wanted an easy client side library to authenticate and sign requests. OAuth Connector set up was quite easy and is working well. I realize now that the OAuth Connector module also uses OAuth module. – Swapnil Luktuke Mar 04 '14 at 14:24
Ok... i am really a noob... so i failed to understand your answer on the first go... 'user_logout()' IS called when user logs out from the page. If i understand your answer correctly, this should automatically logout OAuth Connecter because of the hook. But this is not happening. If you see i have mentioned 'user_logout()' method in my question as well. – Swapnil Luktuke Mar 04 '14 at 14:55
1

Unfortunately as logouts *should* be propagated to the OAuth provider (but this isn't the case as you state), the problem lies either in your OAuth settings or the module itself. There's little we can do then... Maybe you should just test the more popular OAuth module to see if the problem also exists in that case? – Propaganistas Mar 04 '14 at 15:19

Programmatically logout OAuth Connector in Drupal 7

1 Answers1