fix: revoke by client_id

src/main/java/io/supertokens/oauth/OAuth.java

@@ -468,13 +468,9 @@ public static JsonObject introspectAccessToken(Main main, AppIdentifier appIdent
         return result;
     }
 
-    public static void revokeAllConsentSessions(Main main, AppIdentifier appIdentifier, Storage storage, String subject, String clientId) throws StorageQueryException {
+    public static void revokeTokensForClientId(Main main, AppIdentifier appIdentifier, Storage storage, String clientId) throws StorageQueryException {
         OAuthStorage oauthStorage = StorageUtils.getOAuthStorage(storage);
-        if (clientId == null) {
-            oauthStorage.revoke(appIdentifier, "sub", subject);
-        } else {
-            oauthStorage.revoke(appIdentifier, "client_id_sub", clientId + ":" + subject);
-        }
+        oauthStorage.revoke(appIdentifier, "client_id", clientId);
     }
 
 	public static void revokeRefreshToken(Main main, AppIdentifier appIdentifier, Storage storage, String token) throws StorageQueryException, NoSuchAlgorithmException {

src/main/java/io/supertokens/webserver/Webserver.java

@@ -286,7 +286,7 @@ private void setupRoutes() {
         addAPI(new OAuthTokenIntrospectAPI(main));
 
         addAPI(new RevokeOAuthTokenAPI(main));
-        addAPI(new RevokeOAuthConsentSessionsAPI(main));
+        addAPI(new RevokeOAuthTokensAPI(main));
         addAPI(new RevokeOAuthSessionAPI(main));
 
         StandardContext context = tomcatReference.getContext();

src/main/java/io/supertokens/webserver/api/oauth/RevokeOAuthTokensAPI.java

@@ -0,0 +1,70 @@
+package io.supertokens.webserver.api.oauth;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+import com.google.gson.JsonObject;
+
+import io.supertokens.Main;
+import io.supertokens.multitenancy.exception.BadPermissionException;
+import io.supertokens.oauth.HttpRequestForOry;
+import io.supertokens.oauth.OAuth;
+import io.supertokens.pluginInterface.RECIPE_ID;
+import io.supertokens.pluginInterface.Storage;
+import io.supertokens.pluginInterface.exceptions.StorageQueryException;
+import io.supertokens.pluginInterface.multitenancy.AppIdentifier;
+import io.supertokens.pluginInterface.multitenancy.exceptions.TenantOrAppNotFoundException;
+import io.supertokens.webserver.InputParser;
+import io.supertokens.webserver.WebserverAPI;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+
+public class RevokeOAuthTokensAPI extends WebserverAPI {
+
+    public RevokeOAuthTokensAPI(Main main){
+        super(main, RECIPE_ID.OAUTH.toString());
+    }
+
+    @Override
+    public String getPath() {
+        return "/recipe/oauth/tokens/revoke";
+    }
+
+    @Override
+    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException, ServletException {
+        JsonObject input = InputParser.parseJsonObjectOrThrowError(req);
+        String clientId = InputParser.parseStringOrThrowError(input, "client_id", false);
+
+        try {
+            AppIdentifier appIdentifier = getAppIdentifier(req);
+            Storage storage = enforcePublicTenantAndGetPublicTenantStorage(req);
+
+            OAuth.revokeTokensForClientId(main, appIdentifier, storage, clientId);
+
+            Map<String, String> queryParams = new HashMap<>();
+            queryParams.put("client_id", clientId);
+
+            HttpRequestForOry.Response response = OAuthProxyHelper.proxyJsonDELETE(
+                main, req, resp,
+                appIdentifier,
+                storage,
+                null, // clientIdToCheck
+                "/admin/oauth2/tokens", // proxyPath
+                true, // proxyToAdmin
+                false, // camelToSnakeCaseConversion
+                queryParams, // queryParams
+                new JsonObject(), // jsonInput
+                new HashMap<>() // headers
+            );
+
+            if (response != null) {
+                response.jsonResponse.getAsJsonObject().addProperty("status", "OK");
+                super.sendJsonResponse(200, response.jsonResponse, resp);
+            }
+        } catch (IOException | TenantOrAppNotFoundException | BadPermissionException | StorageQueryException e) {
+            throw new ServletException(e);
+        }
+    }
+}