Skip to content
This repository has been archived by the owner on Dec 12, 2018. It is now read-only.

Account.getAccessTokens only way to get AccessToken resource #603

Open
TuckerCowie opened this issue Feb 3, 2017 · 0 comments
Open

Account.getAccessTokens only way to get AccessToken resource #603

TuckerCowie opened this issue Feb 3, 2017 · 0 comments
Labels
needs review

Comments

@TuckerCowie
Copy link

TuckerCowie commented Feb 3, 2017
edited by the-overengineer
Loading

In the use case I need to revoke a token after retrieving it from an instance of StormpathAccessTokenAuthenticator, I am forced to make a superfluous calls to client.getAccount, and account.getAccessTokens in order to call accessToken.delete();

e.g.

const client = new stormpath.Client(options);
const authenticator = new stormpath.StormpathAccessTokenAuthenticator(client);
(...)
// 1.) Validate token
authenticator.authenticate(jwtString, (err, accessTokenResponse) => {
  // Even though I have the href, `accessTokenResponse.delete()` is not a function; instead...
  // 2.) get account
  client.getAccount(accessTokenResponse.account.href, (err, account) => {
    // 3.) get access token resources
    account.getAccessTokens(null, (err, collection) => {
      // 4.) logout by revoking token
      collection[0].delete((err)  => console.log('Finally Logged out after 4 API calls'));
    });
  });
});

The only place that actually instantiates an AccessToken resource is in Account.getAccessTokens, therefore even though I have the href and the token object, I am required to incur an additional API call before I can issue the DELETE request. This makes the one request to logout in my application require 4 api calls.
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
needs review
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@the-overengineer @TuckerCowie