Issue 463: Provide a signout\logout method

Src/GoogleApis.Auth/OAuth2/UserCredential.cs

 /*
 Copyright 2013 Google Inc
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
 
 http://www.apache.org/licenses/LICENSE-2.0
 
 Unless required by applicable law or agreed to in writing, software
@@ skipping 16 matching lines @@
 
 namespace Google.Apis.Auth.OAuth2
 {
 /// <summary>
 /// OAuth 2.0 credential for accessing protected resources using an access t
oken, as well as optionally refreshing·
 /// the access token when it expires using a refresh token.
 /// </summary>
 public class UserCredential : IHttpExecuteInterceptor, IHttpUnsuccessfulResp
onseHandler,
 IConfigurableHttpClientInitializer
 {
- private static readonly ILogger Logger = ApplicationContext.Logger.ForTy
 pe<UserCredential>();
+ protected static readonly ILogger Logger = ApplicationContext.Logger.For
 Type<UserCredential>();
 
 private TokenResponse token;
 private object lockObject = new object();
 
- /// <summary>Gets the token response which contains the access token.</s
 ummary>
+ /// <summary>Gets or sets the token response which contains the access t
 oken.</summary>
 public TokenResponse Token
 {
 get
 {
 lock (lockObject)
 {
 return token;
 }
 }
- private set
+ set
 {
 lock (lockObject)
 {
 token = value;
 }
 }
 }
 
+/// <summary>Gets the authorization code flow.</summary>
+public IAuthorizationCodeFlow Flow
+{
+get { return flow; }
+}
+
+/// <summary>Gets the user identity.</summary>
+public string UderId
+{
+get { return userId; }
+}
+
 private readonly IAuthorizationCodeFlow flow;
 private readonly string userId;
 
 /// <summary>Constructs a new credential instance.</summary>
 /// <param name="flow">Authorization code flow.</param>
 /// <param name="userId">User identifier.</param>
 /// <param name="token">An initial token for the user.</param>
 public UserCredential(IAuthorizationCodeFlow flow, string userId, TokenR
esponse token)
 {
 this.flow = flow;
 this.userId = userId;
 this.token = token;
 }
 
+#region IHttpExecuteInterceptor
+
 /// <summary>
 /// Default implementation is to try to refresh the access token if ther
e is no access token or if we are 1·
 /// minute away from expiration. If token server is unavailable, it will
try to use the access token even if·
 /// has expired. If successful, it will call <seealso cref="IAccessMetho
d.Intercept"/>.
 /// </summary>
 public async Task InterceptAsync(HttpRequestMessage request, Cancellatio
nToken taskCancellationToken)
 {
 if (Token.IsExpired(flow.Clock))
 {
 Logger.Debug("Token has expired, trying to refresh it.");
 if (!await RefreshTokenAsync(taskCancellationToken).ConfigureAwa
it(false))
 {
 throw new InvalidOperationException("The access token has ex
pired but we can't refresh it");
 }
 }
 
 flow.AccessMethod.Intercept(request, Token.AccessToken);
 }
 
+#endregion
+
+#region IHttpUnsuccessfulResponseHandler
+
+public async Task<bool> HandleResponseAsync(HandleUnsuccessfulResponseAr
gs args)
+{
+// TODO(peleyal): check WWW-Authenticate header.
+if (args.Response.StatusCode == HttpStatusCode.Unauthorized)
+{
+return !Object.Equals(Token.AccessToken, flow.AccessMethod.GetAc
cessToken(args.Request))
+|| await RefreshTokenAsync(args.CancellationToken).Configure
Await(false);
+}
+
+return false;
+}
+
+#endregion
+
+#region IConfigurableHttpClientInitializer
+
+public void Initialize(ConfigurableHttpClient httpClient)
+{
+httpClient.MessageHandler.ExecuteInterceptors.Add(this);
+httpClient.MessageHandler.UnsuccessfulResponseHandlers.Add(this);
+}
+
+#endregion
+
 /// <summary>
 /// Refreshes the token by calling to <seealso cref="IAuthorizationCodeF
low.RefreshTokenAsync"/>. Then it·
 /// updates the <see cref="TokenResponse"/> with the new token instance.
 /// </summary>
 /// <param name="taskCancellationToken">Cancellation token to cancel an
operation.</param>
 /// <returns><c>true</c> if the token was refreshed.</returns>
 public async Task<bool> RefreshTokenAsync(CancellationToken taskCancella
tionToken)
 {
 if (Token.RefreshToken == null)
 {
@@ skipping 10 matching lines @@
 
 if (newToken.RefreshToken == null)
 {
 newToken.RefreshToken = Token.RefreshToken;
 }
 
 Token = newToken;
 return true;
 }
 
- public async Task<bool> HandleResponseAsync(HandleUnsuccessfulResponseAr
 gs args)
+ /// <summary>
+ /// Asynchronously revokes the token by calling
+ /// <see cref="Google.Apis.Auth.OAuth2.Flows.IAuthorizationCodeFlow.Revo
 keTokenAsync"/>.
+ /// </summary>
+ /// <param name="taskCancellationToken">Cancellation token to cancel an 
 operation.</param>
+ /// <returns><c>true</c> if the token was revoked successfully.</returns
 >
+ public async Task<bool> RevokeTokenAsync(CancellationToken taskCancellat
 ionToken)
 {
- // TODO(peleyal): check WWW-Authenticate header.
- if (args.Response.StatusCode == HttpStatusCode.Unauthorized)
+ if (Token == null)
 {
- return !Object.Equals(Token.AccessToken, flow.AccessMethod.GetAc
 cessToken(args.Request))
- || await RefreshTokenAsync(args.CancellationToken).Configure
 Await(false);
+ Logger.Warning("Token is already null, no need to revoke it.");
+ return false;
 }
 
- return false;
- }
-
- public void Initialize(ConfigurableHttpClient httpClient)
- {
- httpClient.MessageHandler.ExecuteInterceptors.Add(this);
- httpClient.MessageHandler.UnsuccessfulResponseHandlers.Add(this);
+ await flow.RevokeTokenAsync(userId, Token.AccessToken, taskCancellat
 ionToken).ConfigureAwait(false);
+ Logger.Info("Access token was revoked successfully");
+ // We don't set the token to null, cause we want that the next reque
 st (without reauthorizing) will fail).
+ return true;
 }
 }
 }