Logout from OAuth2 - Google App Engine/Python

Question

There is plenty of documentation on how to sign users in with OAuth2, but I haven't found any documentation as easily to sign a user out. Does anyone know how I can do this? I just want to sign the user out of my app, so another person can log in.

Here is my log in code if that's helpful:

import jinja2
import os
import webapp2

from apiclient.discovery import build
from oauth2client.contrib.appengine import OAuth2Decorator
from google.appengine.api import users


decorator = OAuth2Decorator(
    client_id='',
    client_secret='',
    scope='https://www.googleapis.com/auth/userinfo.email')

template_env = jinja2.Environment(
    loader=jinja2.FileSystemLoader(os.getcwd()))

class LoginHandler(webapp2.RequestHandler):
    @decorator.oauth_required
    def get(self):
        user = users.get_current_user()

        template = template_env.get_template('index.html')
        context = {
             'user': user,
        }

        self.response.out.write(template.render(context))

application = webapp2.WSGIApplication(
    [
     ('/login', LoginHandler),
     (decorator.callback_path, decorator.callback_handler())
    ],
    debug=True)

Answer 1

I think you are confusing authentication (Open Id connect) with authorization (Oauth2). Oauth2 gives you authorization to access a users data it has nothing to do with authenticating a user. You would never logout a Oauth2 authorization.

That being said you can revoke your access to a users data and then they will be prompted to grant you access again.

requests.post('https://accounts.google.com/o/oauth2/revoke',
    params={'token': credentials.token},
    headers = {'content-type': 'application/x-www-form-urlencoded'})

see revoke token for more info