Revoke tokens (#21)

* Added revoke access token
* Added revoke refresh token

Co-authored-by: @ciungulete

src/Provider/Mollie.php

@@ -32,6 +32,21 @@ class Mollie extends AbstractProvider
 	 */
 	const CLIENT_ID_PREFIX = 'app_';
 
+    /**
+     * @var string HTTP method used to revoke tokens.
+     */
+    const METHOD_DELETE = 'DELETE';
+
+    /**
+     * @var string Token type hint for Mollie access tokens.
+     */
+    const TOKEN_TYPE_ACCESS = 'access_token';
+
+    /**
+     * @var string Token type hint for Mollie refresh tokens.
+     */
+    const TOKEN_TYPE_REFRESH = 'refresh_token';
+
 	/**
 	 * Shortcuts to the available Mollie scopes.
 	 *
@@ -121,7 +136,7 @@ public function getBaseAuthorizationUrl ()
 	}
 
 	/**
-	 * Returns the base URL for requesting an access token.
+	 * Returns the base URL for requesting or revoking an access token.
 	 *
 	 * Eg. https://oauth.service.com/token
 	 *
@@ -144,6 +159,75 @@ public function getResourceOwnerDetailsUrl (AccessToken $token)
 		return static::MOLLIE_API_URL . '/v2/organizations/me';
 	}
 
+    /**
+     * Revoke a Mollie access token.
+     *
+     * @param string $accessToken
+     *
+     * @return \Psr\Http\Message\ResponseInterface
+     * @throws \GuzzleHttp\Exception\GuzzleException
+     */
+    public function revokeAccessToken($accessToken)
+    {
+        return $this->revokeToken(self::TOKEN_TYPE_ACCESS, $accessToken);
+    }
+
+    /**
+     * Revoke a Mollie refresh token.
+     *
+     * @param string $refreshToken
+     *
+     * @return \Psr\Http\Message\ResponseInterface
+     * @throws \GuzzleHttp\Exception\GuzzleException
+     */
+    public function revokeRefreshToken($refreshToken)
+    {
+        return $this->revokeToken(self::TOKEN_TYPE_REFRESH, $refreshToken);
+    }
+
+    /**
+     * Revoke a Mollie access token or refresh token.
+     *
+     * @param string $type
+     * @param string $token
+     *
+     * @return \Psr\Http\Message\ResponseInterface
+     * @throws \GuzzleHttp\Exception\GuzzleException
+     */
+    public function revokeToken($type, $token)
+    {
+        return $this->getRevokeTokenResponse([
+            'token_type_hint' => $type,
+            'token' => $token,
+        ]);
+	}
+
+    /**
+     * Sends a token revocation request and returns an response instance.
+     *
+     * @param array $params
+     *
+     * @return \Psr\Http\Message\ResponseInterface
+     * @throws \GuzzleHttp\Exception\GuzzleException
+     */
+    protected function getRevokeTokenResponse(array $params)
+    {
+        $params['client_id'] = $this->clientId;
+        $params['client_secret'] = $this->clientSecret;
+        $params['redirect_uri'] = $this->redirectUri;
+
+        $options = ['headers' => ['content-type' => 'application/x-www-form-urlencoded']];
+        $options['body'] = $this->buildQueryString($params);
+
+        $request = $this->getRequest(
+            self::METHOD_DELETE,
+            $this->getBaseAccessTokenUrl([]),
+            $options
+        );
+
+        return $this->getHttpClient()->send($request);
+	}
+
 	/**
 	 * The Mollie OAuth provider requests access to the organizations.read scope
 	 * by default to enable retrieving the app user's details.

tests/src/Provider/MollieTest.php

@@ -101,6 +101,57 @@ public function testGetAccessToken()
         $this->assertNull($token->getResourceOwnerId());
     }
 
+    public function testRevokeToken()
+    {
+        $response = m::mock(ResponseInterface::class);
+        $response->shouldReceive('getBody')->andReturn('{"client_id":'.self::MOCK_CLIENT_ID.', "client_secret":'.self::MOCK_SECRET.', "redirect_uri":'.self::REDIRECT_URI.', "token_type_hint":"access_token":"mock_access_token"}');
+        $response->shouldReceive('getHeader')->andReturn(['content-type' => 'application/x-www-form-urlencoded']);
+        $response->shouldReceive('getStatusCode')->andReturn(204);
+
+        $client = m::mock(ClientInterface::class);
+        $client->shouldReceive('send')->times(1)->andReturn($response);
+
+        $this->provider->setHttpClient($client);
+
+        $result = $this->provider->revokeAccessToken('mock_access_token');
+
+        $this->assertEquals($result->getStatusCode(), 204);
+    }
+
+    public function testRevokeAccessToken()
+    {
+        $response = m::mock(ResponseInterface::class);
+        $response->shouldReceive('getBody')->andReturn('{"client_id":'.self::MOCK_CLIENT_ID.', "client_secret":'.self::MOCK_SECRET.', "redirect_uri":'.self::REDIRECT_URI.', "token_type_hint":"access_token":"mock_access_token"}');
+        $response->shouldReceive('getHeader')->andReturn(['content-type' => 'application/x-www-form-urlencoded']);
+        $response->shouldReceive('getStatusCode')->andReturn(204);
+
+        $client = m::mock(ClientInterface::class);
+        $client->shouldReceive('send')->times(1)->andReturn($response);
+
+        $this->provider->setHttpClient($client);
+
+        $result = $this->provider->revokeAccessToken('mock_access_token');
+
+        $this->assertEquals($result->getStatusCode(), 204);
+    }
+
+    public function testRevokeRefreshToken()
+    {
+        $response = m::mock(ResponseInterface::class);
+        $response->shouldReceive('getBody')->andReturn('{"client_id":'.self::MOCK_CLIENT_ID.', "client_secret":'.self::MOCK_SECRET.', "redirect_uri":'.self::REDIRECT_URI.', "token_type_hint":"refresh_token":"mock_refresh_token"}');
+        $response->shouldReceive('getHeader')->andReturn(['content-type' => 'application/x-www-form-urlencoded']);
+        $response->shouldReceive('getStatusCode')->andReturn(204);
+
+        $client = m::mock(ClientInterface::class);
+        $client->shouldReceive('send')->times(1)->andReturn($response);
+
+        $this->provider->setHttpClient($client);
+
+        $result = $this->provider->revokeRefreshToken('mock_refresh_token');
+
+        $this->assertEquals($result->getStatusCode(), 204);
+    }
+
     public function testExceptionThrownWhenErrorObjectReceived()
     {
         $message = uniqid();