Hi all, I m using Apache Oltu as OAuth library to authenticate users against Google, Yahoo and Microsoft. It has worked great. Within my application I need to ask the user to re-authenticate themselves before accessing certain pages. This is what I have found so far on this topic.
Google - lets you revoke access token using "https://accounts.google.com/o/oauth2/revoke?token=";. But this doesn't force re-authentication by password entry but displays only the consent screen again. Yahoo - has no support for this. We have to log the user out using something like https://login.yahoo.com/config/login?logout=1. Microsoft - has url "https://login.live.com/oauth20_logout.srf?client_id=CLIENT_ID&redirect_url=REDIRECT_URL"; to support this behavior. I am in the process of testing it. Does Oltu have any apis related to this functionality? Has any open tried to implement this? Any help is much appreciated. Thank you. Regards, Jude.
