23

I'm using Google APIs Client Library for JavaScript (Beta) to authorize user google account on web application (for youtube manipulations). Everything works fine, but i have no idea how to "logout" user from my application, i.e. reset access tokens.

For example, following code checks user authorization and if not, shows popup window for user to log into account and permit web-application access to user data:

gapi.auth.authorize({client_id: CLIENT_ID, scope: SCOPES, immediate: false}, handleAuth);

But client library doesn't have methods to reset authorization.

There is workaround to redirect user to "accounts.google.com/logout", but this approach is not that i need: thus we logging user off from google account not only from my application, but also anywhere.

Google faq and client library description neither helpful.

ZavtraMen
  • 323
  • 1
  • 2
  • 7
  • [Duplicate question](http://stackoverflow.com/questions/14723383/google-logout-using-api-javascript-jquery) – Mark S. Mar 26 '13 at 20:45

5 Answers5

18

Try revoking an access token, that should revoke the actual grant so auto-approvals will stop working. I assume this will solve your issue.

https://developers.google.com/accounts/docs/OAuth2WebServer#tokenrevoke

mariuss
  • 902
  • 6
  • 7
  • 2
    For a JavaScript solution, see this other question: http://stackoverflow.com/questions/12809339/how-to-revoke-an-authentication-token-client-side-against-the-google-api/19205371#19205371 – Nacho Coloma Aug 06 '14 at 10:18
  • How to revoke credentials with access token? – Jay Patel Aug 30 '18 at 07:43
8

Its very simple. Just revoke the access.

void RevokeAcess()
{
    try{
    HttpClient client = new DefaultHttpClient();
    HttpPost post = new HttpPost("https://accounts.google.com/o/oauth2/revoke?token="+ACCESS_TOKEN);
    org.apache.http.HttpResponse response = client.execute(post);
    }
    catch(IOException e)
    {
    }
}

But it should be in asyncTask

Vinoj John Hosan
  • 6,448
  • 2
  • 41
  • 37
6

It depends what you mean by resetting authorization. I could think of a three ways of doing this:

  1. Remove authorization on the server
    Go to myaccount.google.com/permissions, find your app and remove it. The next time you try to sign in you have to complete full authorization flow with account chooser and consent screen.

  2. Sign out on the client
    gapi.auth2.getAuthInstance().signOut();
    In this way Google authorization server still remembers your app and the authorization token remains in browser storage.

  3. Sign out and disconnect
    gapi.auth2.getAuthInstance().signOut();
    gapi.auth2.getAuthInstance().disconnect();
    This is equivalent to (1) but on the client.

Stan Bashtavenko
  • 1,025
  • 11
  • 16
0

Simply use: gapi.auth.setToken(null);

HasanAboShally
  • 18,459
  • 7
  • 30
  • 34
0

Solution for dotnet, call below API and pass the access token, doc - https://developers.google.com/identity/protocols/oauth2/web-server#tokenrevoke

        string url = "https://accounts.google.com/o/oauth2/revoke?token=" + profileToken.ProfileAccessToken;
        RestClient client = new RestClient(url);

        var req = new RestRequest(Method.POST);
        IRestResponse resp = client.Execute(req);
Ishika Jain
  • 949
  • 2
  • 11
  • 23