From b254e078a20156a028723f80fe05262be7df7199 Mon Sep 17 00:00:00 2001
From: Leonard Chin <3714+l15n@users.noreply.github.com>
Date: Thu, 3 Oct 2024 09:08:14 +0900
Subject: [PATCH] Add endpoint to Revoke a session

---
 lib/auth0/api/v2/sessions.rb           |  9 +++++++++
 spec/lib/auth0/api/v2/sessions_spec.rb | 23 +++++++++++++++++++++++
 2 files changed, 32 insertions(+)

diff --git a/lib/auth0/api/v2/sessions.rb b/lib/auth0/api/v2/sessions.rb
index 0d7b6499..8efeceab 100644
--- a/lib/auth0/api/v2/sessions.rb
+++ b/lib/auth0/api/v2/sessions.rb
@@ -23,6 +23,15 @@ def delete_session(session_id)
           delete "#{sessions_path}/#{session_id}"
         end
 
+        # Revokes a session by ID and all associated refresh tokens
+        # @see https://auth0.com/docs/api/management/v2/sessions/revoke-session
+        # @param id [string] The ID of the session to revoke
+        def revoke_session(session_id)
+          raise Auth0::InvalidParameter, 'Must supply a valid session_id' if session_id.to_s.empty?
+
+          post "#{sessions_path}/#{session_id}/revoke"
+        end
+
         private
 
         def sessions_path
diff --git a/spec/lib/auth0/api/v2/sessions_spec.rb b/spec/lib/auth0/api/v2/sessions_spec.rb
index d17bc4d7..82107512 100644
--- a/spec/lib/auth0/api/v2/sessions_spec.rb
+++ b/spec/lib/auth0/api/v2/sessions_spec.rb
@@ -1,12 +1,14 @@
 # frozen_string_literal: true
 
 require 'spec_helper'
+
 describe Auth0::Api::V2::Sessions do
   before :all do
     dummy_instance = DummyClass.new
     dummy_instance.extend(Auth0::Api::V2::Sessions)
     @instance = dummy_instance
   end
+
   context '.session' do
     it 'is expected to respond to a session method' do
       expect(@instance).to respond_to(:session)
@@ -26,6 +28,7 @@
       expect { @instance.session(nil) }.to raise_error('Must supply a valid session_id')
     end
   end
+
   context '.delete_session' do
     it 'is expected to respond to a delete_session method' do
       expect(@instance).to respond_to(:delete_session)
@@ -45,4 +48,24 @@
       expect { @instance.delete_session(nil) }.to raise_error('Must supply a valid session_id')
     end
   end
+
+  context '.revoke_session' do
+    it 'is expected to respond to a revoke_session method' do
+      expect(@instance).to respond_to(:revoke_session)
+    end
+
+    it 'is expected to POST to /api/v2/sessions/{id}/revoke' do
+      expect(@instance).to receive(:post).with(
+        '/api/v2/sessions/SESSION_ID/revoke'
+      )
+
+      expect do
+        @instance.revoke_session('SESSION_ID')
+      end.not_to raise_error
+    end
+
+    it 'is expected to raise an exception when the session ID is empty' do
+      expect { @instance.revoke_session(nil) }.to raise_error('Must supply a valid session_id')
+    end
+  end
 end