This repository was archived by the owner on Dec 12, 2018. It is now read-only.
This repository was archived by the owner on Dec 12, 2018. It is now read-only.
Account.getAccessTokens only way to get AccessToken resource #603
Description
In the use case I need to revoke a token after retrieving it from an instance of StormpathAccessTokenAuthenticator, I am forced to make a superfluous calls to client.getAccount, and account.getAccessTokens in order to call accessToken.delete();
e.g.
const client = new stormpath.Client(options);
const authenticator = new stormpath.StormpathAccessTokenAuthenticator(client);
(...)
// 1.) Validate token
authenticator.authenticate(jwtString, (err, accessTokenResponse) => {
// Even though I have the href, `accessTokenResponse.delete()` is not a function; instead...
// 2.) get account
client.getAccount(accessTokenResponse.account.href, (err, account) => {
// 3.) get access token resources
account.getAccessTokens(null, (err, collection) => {
// 4.) logout by revoking token
collection[0].delete((err) => console.log('Finally Logged out after 4 API calls'));
});
});
});The only place that actually instantiates an AccessToken resource is in Account.getAccessTokens, therefore even though I have the href and the token object, I am required to incur an additional API call before I can issue the DELETE request. This makes the one request to logout in my application require 4 api calls.