HTTP Request to revoke the WSO2 Oauth2 token

Question

I want to revoke a token provided to the user through an OAuth2 login. I want to do an HTTP POST request from a JavaScript app. The WSO2 documentation provides a Curl example.

Tried:

Tried with curl by providing the syntax. It works perfectly fine curl -X POST --basic -u "clientid:clientsecret" -H "Content-Type: application/x-www-form-urlencoded;charset=UTF-8" -k -d "token=tokenfromwso2&token_type_hint=access_token" https://localhost:9443/oauth2/revoke
Tried to do the same using Http Request but the server returned 500 internal server error.

Header:

POST /oauth2/revoke HTTP/1.1
Host: localhost:9443
Connection: keep-alive
Content-Length: 14
Accept: application/json, text/plain, */*
Origin: http://localhost:4200
Authorization: Basic  clientid:clientsecret
User-Agent: Mozilla/5.0 (BB10; Touch) AppleWebKit/537.10+ (KHTML, like Gecko) Version/10.0.9.2372 Mobile Safari/537.10+
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Referer: http://localhost:4200/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Body:

{"token":access_token}

Grant Type is not implicit so I do not want the user to redirect to wso2 Identity server. I even tried to encode the client id secret but that too returned an internal server error.

score 0 · Answer 1 · answered Apr 02 '18 at 16:56

0

You need to base64 encode the client id and secret. Also, you need to provide the token as url encoded value. What you have given is a json payload for the body. Sample request can be found below.

answered Apr 02 '18 at 16:56

Pubci

3,834
1
13
28

Hi I was able to achieve this. Thanks for the Help :) – Viddhiyartha Apr 04 '18 at 09:41

HTTP Request to revoke the WSO2 Oauth2 token

1 Answers1