feat: API for deleting a client's access tokens (#2058)

Closes #1728

.schema/api.swagger.json

@@ -1740,6 +1740,48 @@
         }
       }
     },
+    "/oauth2/tokens": {
+      "delete": {
+        "description": "This endpoint deletes OAuth2 access tokens issued for a client from the database",
+        "consumes": [
+          "application/json"
+        ],
+        "schemes": [
+          "http",
+          "https"
+        ],
+        "tags": [
+          "admin"
+        ],
+        "summary": "Delete OAuth2 Access Tokens from a client",
+        "operationId": "deleteOAuth2Token",
+        "parameters": [
+          {
+            "type": "string",
+            "name": "client_id",
+            "in": "query",
+            "required": true
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is\ntypically 201."
+          },
+          "401": {
+            "description": "genericError",
+            "schema": {
+              "$ref": "#/definitions/genericError"
+            }
+          },
+          "500": {
+            "description": "genericError",
+            "schema": {
+              "$ref": "#/definitions/genericError"
+            }
+          }
+        }
+      }
+    },
     "/userinfo": {
       "get": {
         "security": [

cmd/cli/handler_token.go

@@ -72,3 +72,17 @@ func (h *TokenHandler) FlushTokens(cmd *cobra.Command, args []string) {
 	cmdx.Must(err, "The request failed with the following error message:\n%s", formatSwaggerError(err))
 	fmt.Println("Successfully flushed inactive access tokens")
 }
+
+func (h *TokenHandler) DeleteToken(cmd *cobra.Command, args []string) {
+	handler := configureClient(cmd)
+	clientID := flagx.MustGetString(cmd, "client-id")
+	if clientID == "" {
+		cmdx.Fatalf(`%s
+
+Please provide a Client ID using flags --client-id, or environment variables OAUTH2_CLIENT_ID
+`, cmd.UsageString())
+	}
+	_, err := handler.Admin.DeleteOAuth2Token(admin.NewDeleteOAuth2TokenParams().WithClientID(clientID))
+	cmdx.Must(err, "The request failed with the following error message:\n%s", formatSwaggerError(err))
+	fmt.Printf("Successfully deleted access tokens for client %s\n", clientID)
+}

cmd/token_delete.go

@@ -0,0 +1,41 @@
+/*
+ * Copyright © 2015-2018 Aeneas Rekkas <aeneas+oss@aeneas.io>
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * @author		Aeneas Rekkas <aeneas+oss@aeneas.io>
+ * @copyright 	2015-2018 Aeneas Rekkas <aeneas+oss@aeneas.io>
+ * @license 	Apache-2.0
+ */
+
+package cmd
+
+import (
+	"os"
+
+	"github.com/spf13/cobra"
+)
+
+// deleteCmd represents the delete command
+var tokenDeleteCmd = &cobra.Command{
+	Use:   "delete",
+	Short: "Deletes access tokens of a client",
+	Run:   cmdHandler.Token.DeleteToken,
+}
+
+func init() {
+	tokenCmd.AddCommand(tokenDeleteCmd)
+	tokenDeleteCmd.Flags().String("client-id", os.Getenv("OAUTH2_CLIENT_ID"), "Use the provided OAuth 2.0 Client ID, defaults to environment variable OAUTH2_CLIENT_ID")
+	tokenDeleteCmd.Flags().String("endpoint", os.Getenv("HYDRA_URL"), "Set the URL where ORY Hydra is hosted, defaults to environment variable HYDRA_URL")
+	tokenDeleteCmd.Flags().String("access-token", os.Getenv("OAUTH2_ACCESS_TOKEN"), "Set an access token to be used in the Authorization header, defaults to environment variable OAUTH2_ACCESS_TOKEN")
+}