Fixed #8

overtrue · overtrue · commit 30cceb430e3e · 2021-09-17T23:01:05.000+08:00
diff --git a/src/CacheTokenRepository.php b/src/CacheTokenRepository.php
@@ -135,4 +135,11 @@ public function store(): Repository
 
         return $store instanceof TaggableStore ? $store->tags($this->cacheTags) : $store;
     }
+
+    public function revokeAccessToken($id)
+    {
+        parent::revokeAccessToken($id);
+
+        $this->store()->forget($this->itemKey($id));
+    }
 }
diff --git a/tests/FeatureTest.php b/tests/FeatureTest.php
@@ -2,12 +2,15 @@
 
 namespace Tests;
 
+use Illuminate\Auth\RequestGuard;
 use Illuminate\Contracts\Hashing\Hasher;
 use Illuminate\Contracts\Routing\Registrar;
 use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Cache;
 use Illuminate\Support\Str;
 use Laravel\Passport\Client;
 use Laravel\Passport\ClientRepository;
+use Laravel\Passport\TokenRepository;
 
 class FeatureTest extends TestCase
 {
@@ -54,43 +57,65 @@ public function test_it_can_cache_token()
         $user->password = $this->app->make(Hasher::class)->make($password);
         $user->save();
 
+        $tokenRepository = app(TokenRepository::class);
+
         /** @var Client $client */
-        app(ClientRepository::class)->createPersonalAccessClient($user->id, 'Personal Token Client', 'http://localhost');
+        $client = app(ClientRepository::class)->createPersonalAccessClient($user->id, 'Personal Token Client', 'http://localhost');
 
         /** @var Registrar $router */
         $router = $this->app->make(Registrar::class);
 
-        $token = $user->createToken('test')->accessToken;
+        $accessToken = $user->createToken('test')->accessToken;
 
         $router->get('/foo', function () {
             return 'bar';
         })->middleware('auth:api');
 
-        $query = $this->getQueryLog(function () use ($token, $user, $router) {
+        $query = $this->getQueryLog(function () use ($accessToken, $user, $router) {
             $this->getJson('/foo')->assertStatus(401);
-            $this->withHeader('Authorization', 'Bearer ' . $token)->getJson('/foo')->assertSuccessful()->assertSee('bar');
+            $this->withHeader('Authorization', 'Bearer ' . $accessToken)->getJson('/foo')->assertSuccessful()->assertSee('bar');
         });
 
         $this->assertCount(3, $query);
 
         // token cached
-        $query = $this->getQueryLog(function () use ($token, $user, $router) {
+        $query = $this->getQueryLog(function () use ($accessToken, $user, $router) {
             $router->get('/me', function () {
                 return Auth::user();
             })->middleware('auth:api');
 
-            $this->withHeader('Authorization', 'Bearer ' . $token)->getJson('/me')->assertSuccessful()->assertJsonFragment([
+            $this->withHeader('Authorization', 'Bearer ' . $accessToken)->getJson('/me')->assertSuccessful()->assertJsonFragment([
                 'id' => $user->id,
                 'email' => $user->email,
             ]);
 
-            $this->withHeader('Authorization', 'Bearer ' . $token)->getJson('/me')->assertOk();
-            $this->withHeader('Authorization', 'Bearer ' . $token)->getJson('/me')->assertOk();
-            $this->withHeader('Authorization', 'Bearer ' . $token)->getJson('/me')->assertOk();
-            $this->withHeader('Authorization', 'Bearer ' . $token)->getJson('/me')->assertOk();
+            $this->withHeader('Authorization', 'Bearer ' . $accessToken)->getJson('/me')->assertOk();
+            $this->withHeader('Authorization', 'Bearer ' . $accessToken)->getJson('/me')->assertOk();
+            $this->withHeader('Authorization', 'Bearer ' . $accessToken)->getJson('/me')->assertOk();
+            $this->withHeader('Authorization', 'Bearer ' . $accessToken)->getJson('/me')->assertOk();
         });
 
         $this->assertCount(0, $query);
+
+
+        // revoke token
+        $token = $tokenRepository->findValidToken($user, $client);
+        $this->assertTrue(Cache::has(app(TokenRepository::class)->itemKey($token->id)));
+
+        $tokenRepository->revokeAccessToken($token->id);
+        $token->refresh();
+        $this->assertTrue($token->revoked);
+
+        $this->assertFalse(Cache::has($tokenRepository->itemKey($token->id)));
+
+        // logout
+        RequestGuard::macro('logout', function () {
+            $this->user = null;
+        });
+        Auth::guard('api')->logout();
+
+        // request with revoked token
+        $this->withHeader('Authorization', 'Bearer ' . $accessToken)->getJson('/me')->assertUnauthorized();
     }
 
     protected function getQueryLog(\Closure $callback): \Illuminate\Support\Collection

Original file line number	Diff line number	Diff line change
`@@ -135,4 +135,11 @@ public function store(): Repository`
`135`	`135`
`136`	`136`	`return $store instanceof TaggableStore ? $store->tags($this->cacheTags) : $store;`
`137`	`137`	`}`
	`138`	`+`
	`139`	`+ public function revokeAccessToken($id)`
	`140`	`+ {`
	`141`	`+ parent::revokeAccessToken($id);`
	`142`	`+`
	`143`	`+ $this->store()->forget($this->itemKey($id));`
	`144`	`+ }`
`138`	`145`	`}`