revoke_token

Attempts to revoke an access or refresh token using RFC 7009 when the
provider exposes a revocation endpoint.
Authentication mirrors the provider's <code>token_auth_style</code> (same as token
exchange and introspection).
Best-effort semantics:<ul>
<li>If the provider does not expose a revocation endpoint, returns
<code>supported = FALSE</code>, <code>revoked = NA</code>, and <code>status = "revocation_unsupported"</code>.</li>
<li>If the selected token value is missing, returns <code>supported = TRUE</code>,
<code>revoked = NA</code>, and <code>status = "missing_token"</code>.</li>
<li>If the endpoint returns a 2xx, returns <code>supported = TRUE</code>, <code>revoked = TRUE</code>,
and <code>status = "ok"</code>.</li>
<li>If the endpoint returns an HTTP error, returns <code>supported = TRUE</code>,
<code>revoked = NA</code>, and <code>status = "http_&lt;code&gt;"</code>.</li>
</ul>

Provides a simple, configurable, provider-agnostic 'OAuth 2.0' and
'OpenID Connect' (OIDC) authentication framework for 'shiny' applications
using 'S7' classes. Defines providers, clients, and tokens, as well
as various supporting functions and a 'shiny' module. Features include
cross-site request forgery (CSRF) protection, state encryption,
'Proof Key for Code Exchange' (PKCE) handling, validation of OIDC identity
tokens (nonces, signatures, claims), automatic user info retrieval, asynchronous
flows, and hooks for audit logging.

Luka Koning

shinyOAuth

Provider-Agnostic OAuth Authentication for 'shiny' Applications

revoke_token function

<dl><dt>oauth_client</dt>
<dd>OAuthClient object</dd>
<dt>oauth_token</dt>
<dd>OAuthToken object containing tokens to revoke</dd>
<dt>which</dt>
<dd>Which token to revoke: "refresh" (default) or "access"</dd>
<dt>async</dt>
<dd>Logical, default FALSE. If TRUE and promises is available, run
in background and return a promise resolving to the result list</dd>
<dt>shiny_session</dt>
<dd>Optional pre-captured Shiny session context (from
<code>capture_shiny_session_context()</code>) to include in audit events. Used when
calling from async workers that lack access to the reactive domain.</dd></dl>

Arguments

Revoke an OAuth 2.0 token — revoke_token

<dl>

<dt>oauth_client</dt>
<dd>OAuthClient object</dd>


<dt>oauth_token</dt>
<dd>OAuthToken object containing tokens to revoke</dd>


<dt>which</dt>
<dd>Which token to revoke: "refresh" (default) or "access"</dd>


<dt>async</dt>
<dd>Logical, default FALSE. If TRUE and promises is available, run
in background and return a promise resolving to the result list</dd>


<dt>shiny_session</dt>
<dd>Optional pre-captured Shiny session context (from
<code>capture_shiny_session_context()</code>) to include in audit events. Used when
calling from async workers that lack access to the reactive domain.</dd>

</dl>

revoke_token: Revoke an OAuth 2.0 token

Description

Usage

Value

Arguments