gstackoverflow gstackoverflow - 6 months ago 68
Java Question

How to revoke auth token in spring security?

In logout controller I tryed to write a lot of combination of code. Now I have this:

final Authentication auth = SecurityContextHolder.getContext().getAuthentication();
if (auth != null)
new SecurityContextLogoutHandler().logout(request, response, auth);

But after it this token is valid.

What Do I wrong?

What new can I to try ?


I'm little late here, but anyway... The class you're looking for is DefaultServices, method revokeToken(String tokenValue).

Here an exemple of a controller that revokes token, and here the oauth2 configuration with the DefaultServices bean.