I am using angularx-social-login for authenticating users with Google.
The token is retrieved like this:
https://accounts.google.com/o/oauth2/iframerpc?action=issueToken&response_type=token%20id_token&login_hint=LOGIN_HINT&client_id=CLIENT_ID&origin=http%3A%2F%2Flocalhost%3A4200&scope=openid%20profile%20email&ss_domain=http%3A%2F%2Flocalhost%3A4200
The response is a JSON object, and the access token is responseData.access_token.
For revocation, I first download https://accounts.google.com/.well-known/openid-configuration, find the revocation endpoint as https://oauth2.googleapis.com/revoke?token=TOKEN and following https://developers.google.com/identity/protocols/OAuth2WebServer#tokenrevoke (select the tab HTTP/REST in the example box) I send the request with:
curl -D- -H "Content-type:application/x-www-form-urlencoded" "https://oauth2.googleapis.com/revoke?token=TOKEN"
But instead of a successful response I get:
HTTP/1.1 404 Not Found
Date: Thu, 16 Jan 2020 18:07:59 GMT
Content-Type: text/html; charset=UTF-8
Server: ESF
Content-Length: 1710
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Alt-Svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
And the body of the response contains something like "The requested URL ... was not found on this server. That's all we know."
I have already tried with DELETE or POST or passing the token in the Authorize header as a Bearer token instead of a query parameter but at no avail; the response is always the same.
What is going wrong?
