2014-04-21 89 views
0

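Problem with API Manager OAuth token revocation

I am using the SAML2 bearer assertion profile to obtain OAuth tokens from WSO2 API Manager. I have two client applications. In the OAuth token revocation process, I use the following code: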

import java.io.BufferedReader;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;

// Config, Token and Base64 come from the poster's project or its libraries and are not shown.
public static boolean revokeToken(Token token) throws IOException {
    // Create a connection to the OAuth revoke endpoint of API Manager
    URL url = new URL(Config.apiMangerOAuthRevokeURL);

    HttpURLConnection connection = (HttpURLConnection) url.openConnection();
    connection.setRequestMethod("POST");
    connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded;charset=UTF-8");

    // Build the HTTP Basic credentials from the client ID and client secret
    String userCredentials = Config.apiMangerClientID + ":" + Config.apiMangerClientSecret;
    String basicAuth = "Basic " + new String(Base64.encodeBytes(userCredentials.getBytes()));
    // Strip any line breaks the Base64 encoder inserted
    basicAuth = basicAuth.replaceAll("\\r|\\n", "");

    // Set the consumer key and consumer secret
    connection.setRequestProperty("Authorization", basicAuth);
    connection.setUseCaches(false);
    connection.setDoInput(true);
    connection.setDoOutput(true);

    // Send the request: the form body carries the access token to revoke
    DataOutputStream wr = new DataOutputStream(connection.getOutputStream());
    wr.writeBytes("token=" + token.getAccess_token());
    wr.flush();
    wr.close();

    // Read the response
    InputStream iss = connection.getInputStream();
    BufferedReader rd = new BufferedReader(new InputStreamReader(iss));

    String line;
    StringBuffer responseString = new StringBuffer();
    while ((line = rd.readLine()) != null) {
        responseString.append(line);
        responseString.append('\r');
    }

    rd.close();

    System.out.println("Revoking Token Mobile-" + token.getAccess_token());
    System.out.println("Revoking Response Mobile -" + responseString.toString());

    return true;
}

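One client application performs the revocation process. I tried calling the API with cURL after the revocation, and it fails as expected. But the other client application, which uses the same logic above to revoke its token, returns fine. However, the token is still valid after revocation. I can query the API using cURL. What is going wrong here?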

Answer

1

API Manager has caching enabled by default, and it is set to 15 minutes. Try disabling it.

+0

I think this solved the problem! Thanks for your help! – andunslg
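
The effect the answer describes, as an added example that is not part of the original thread and is not WSO2 code. It is a simplified model that assumes the gateway caches successful token validations for a fixed TTL: a revoked token is still accepted until its cache entry expires, while a token the gateway never cached is rejected at once. All class, method and token names are hypothetical.

```java
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

// Added illustration: a model of validation caching, not API Manager internals.
public class RevocationCacheDemo {
    // Stand-in for the key manager: the authoritative set of active tokens.
    static final Set<String> ACTIVE = new HashSet<>();

    // Stand-in for a gateway that caches positive validation results.
    static class Gateway {
        final long ttlMillis;                                // 0 disables the cache
        final Map<String, Long> validUntil = new HashMap<>();

        Gateway(long ttlMillis) { this.ttlMillis = ttlMillis; }

        boolean accepts(String token, long now) {
            Long expiry = validUntil.get(token);
            if (expiry != null && now < expiry) {
                return true;                                 // cache hit: key manager not consulted
            }
            validUntil.remove(token);                        // entry missing or expired
            boolean valid = ACTIVE.contains(token);          // ask the authoritative store
            if (valid && ttlMillis > 0) {
                validUntil.put(token, now + ttlMillis);
            }
            return valid;
        }
    }

    public static void main(String[] args) {
        final long minute = 60_000L;
        Gateway cached = new Gateway(15 * minute);           // the default stated in the answer
        Gateway uncached = new Gateway(0);                   // cache disabled

        ACTIVE.add("tokenA");                                // constructed: used before revocation
        ACTIVE.add("tokenB");                                // constructed: never used before revocation
        cached.accepts("tokenA", 0);                         // populates the cache entry
        uncached.accepts("tokenA", 0);

        ACTIVE.clear();                                      // both tokens revoked at the key manager

        System.out.println("cached, tokenA, +1 min:    " + cached.accepts("tokenA", 1 * minute));
        System.out.println("cached, tokenB, +1 min:    " + cached.accepts("tokenB", 1 * minute));
        System.out.println("cached, tokenA, +16 min:   " + cached.accepts("tokenA", 16 * minute));
        System.out.println("uncached, tokenA, +1 min:  " + uncached.accepts("tokenA", 1 * minute));
    }
}
```

When verifying revocation, test with a token that has already been presented to the gateway, since only such a token exercises the cached path.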