From fb35ec60a352ab1f34002a0125e5a88770a4edab Mon Sep 17 00:00:00 2001
From: Matthew Wild <mwild1@gmail.com>
Date: Wed, 5 Apr 2023 15:33:56 +0100
Subject: mod_tokenauth: Add API method to revoke a grant by id

We probably want to refactor revoke_token() to use this one in the future.
---
 plugins/mod_tokenauth.lua | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'plugins')

diff --git a/plugins/mod_tokenauth.lua b/plugins/mod_tokenauth.lua
index c1fd37a6..1403047b 100644
--- a/plugins/mod_tokenauth.lua
+++ b/plugins/mod_tokenauth.lua
@@ -278,6 +278,13 @@ function revoke_token(token)
 	return true;
 end
 
+function revoke_grant(username, grant_id)
+	local ok, err = token_store:set_key(username, grant_id, nil);
+	if not ok then return nil, err; end
+	module:fire_event("token-grant-revoked", { id = grant_id, username = username, host = module.host });
+	return true;
+end
+
 function sasl_handler(auth_provider, purpose, extra)
 	return function (sasl, token, realm, _authzid)
 		local token_info, err = get_token_info(token);
-- 
cgit v1.2.3