From e16dd958e351c39371db943fec359677c950c9ec Mon Sep 17 00:00:00 2001
From: Joseph Warner <hardolaf@hardolaf.com>
Date: Fri, 2 Aug 2013 14:31:12 -0400
Subject: [PATCH] [feature/oauth] OAuth clear tokens on logout

PHPBB3-11673
---
 phpBB/phpbb/auth/provider/oauth/oauth.php | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php
index 3528c0b83f..786caf5463 100644
--- a/phpBB/phpbb/auth/provider/oauth/oauth.php
+++ b/phpBB/phpbb/auth/provider/oauth/oauth.php
@@ -419,4 +419,18 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base
 		// Update token storage to store the user_id
 		$storage->set_user_id($link_data['user_id']);
 	}
+
+	/**
+	* {@inheritdoc}
+	*/
+	public function logout($data, $new_session)
+	{
+		// Clear all tokens belonging to the user
+		$sql = 'DELETE FROM ' . $this->auth_provider_oauth_token_storage_table . "
+			WHERE session_id = '" . $this->db->sql_escape($this->user->session_id) . "'
+				AND user_id = " . (int) $this->user->data['user_id'];
+		$this->db->sql_query($sql);
+
+		return;
+	}
 }