chore: Update FoDSessionLogoutCommand (resolves #422)

fortify · Sep 11, 2023 · 840a253 · 840a253
1 parent 7d6942f
commit 840a253
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/...od/src/main/java/com/fortify/cli/fod/_common/session/cli/cmd/FoDSessionLogoutCommand.java b/...od/src/main/java/com/fortify/cli/fod/_common/session/cli/cmd/FoDSessionLogoutCommand.java
@@ -28,6 +28,9 @@ public class FoDSessionLogoutCommand extends AbstractSessionLogoutCommand<FoDSes
 
     @Override
     protected void logout(String sessionName, FoDSessionDescriptor sessionDescriptor) {
-        // TODO Can we revoke a previously generated FoD token?
+        // FoD provides an undocumented /oauth/retireToken endpoint that we could potentially 
+        // call here. However, it's not documented and FoD dev stated that it's not necessary
+        // to explicitly retire tokens as they expire in 6 hours anyway. See the following issue
+        // for more information: https://github.com/fortify/fcli/issues/422
     }
 }