diff --git a/crates/matrix-sdk/src/authentication/oidc/cross_process.rs b/crates/matrix-sdk/src/authentication/oidc/cross_process.rs index 5ba0344cbd1..c059bfddbf5 100644 --- a/crates/matrix-sdk/src/authentication/oidc/cross_process.rs +++ b/crates/matrix-sdk/src/authentication/oidc/cross_process.rs @@ -611,14 +611,11 @@ mod tests { oidc.logout().await?; - // Both the access token and the refresh tokens have been invalidated. + // The access token has been invalidated. { let revoked = backend.revoked_tokens.lock().unwrap(); - assert_eq!(revoked.len(), 2); - assert_eq!( - *revoked, - vec![tokens.access_token.clone(), tokens.refresh_token.clone().unwrap(),] - ); + assert_eq!(revoked.len(), 1); + assert_eq!(*revoked, &[tokens.access_token.clone()]); } { diff --git a/crates/matrix-sdk/src/authentication/oidc/mod.rs b/crates/matrix-sdk/src/authentication/oidc/mod.rs index 15b3a140556..9c71dc7ed14 100644 --- a/crates/matrix-sdk/src/authentication/oidc/mod.rs +++ b/crates/matrix-sdk/src/authentication/oidc/mod.rs @@ -1556,7 +1556,7 @@ impl Oidc { let tokens = self.session_tokens().ok_or(OidcError::NotAuthenticated)?; - // Revoke the access token. + // Revoke the access token, it should revoke both tokens. self.backend .revoke_token( client_credentials.clone(), @@ -1566,18 +1566,6 @@ impl Oidc { ) .await?; - // Revoke the refresh token, if any. - if let Some(refresh_token) = tokens.refresh_token { - self.backend - .revoke_token( - client_credentials.clone(), - revocation_endpoint, - refresh_token, - Some(OAuthTokenTypeHint::RefreshToken), - ) - .await?; - } - if let Some(manager) = self.ctx().cross_process_token_refresh_manager.get() { manager.on_logout().await?; }