From 80100f53ab9d53de7d346b58a0205f14e67b08e2 Mon Sep 17 00:00:00 2001
From: Jason Paryani <github@jparyani.com>
Date: Tue, 24 Mar 2015 16:56:53 -0700
Subject: [PATCH 1/2] Add Accounts.oauth.deregisterService method

Also change the Accounts.registerLoginHandler callback for
accounts-oauth to error out on non-registered services.
---
 packages/accounts-oauth/oauth_common.js | 11 +++++++++++
 packages/accounts-oauth/oauth_server.js | 13 ++++++++++++-
 2 files changed, 23 insertions(+), 1 deletion(-)

diff --git a/packages/accounts-oauth/oauth_common.js b/packages/accounts-oauth/oauth_common.js
index 031cd0eace..ef3bc48f24 100644
--- a/packages/accounts-oauth/oauth_common.js
+++ b/packages/accounts-oauth/oauth_common.js
@@ -19,6 +19,17 @@ Accounts.oauth.registerService = function (name) {
   }
 };
 
+// Removes a previously registered service.
+// This will disable logging in with this service, and serviceNames() will not
+// contain it.
+// It's worth noting that already logged in users will remain logged in unless
+// you manually expire their sessions.
+Accounts.oauth.deregisterService = function (name) {
+  if (!_.has(services, name))
+    throw new Error("Service not found: " + name);
+  delete services[name];
+};
+
 Accounts.oauth.serviceNames = function () {
   return _.keys(services);
 };
diff --git a/packages/accounts-oauth/oauth_server.js b/packages/accounts-oauth/oauth_server.js
index cfbdad9e81..981fe91777 100644
--- a/packages/accounts-oauth/oauth_server.js
+++ b/packages/accounts-oauth/oauth_server.js
@@ -41,6 +41,17 @@ Accounts.registerLoginHandler(function (options) {
     // We tried to login, but there was a fatal error. Report it back
     // to the user.
     throw result;
-  else
+  else {
+    if (!_.contains(Accounts.oauth.serviceNames(), result.serviceName)) {
+      // serviceName was not found in the registered services list.
+      // This could happen because the service never registered itself or
+      // deregisterService was called on it.
+      return { type: "oauth",
+               error: new Meteor.Error(
+                 Accounts.LoginCancelledError.numericError,
+                 "No registered oauth service found for: " + result.serviceName) };
+
+    }
     return Accounts.updateOrCreateUserFromExternalService(result.serviceName, result.serviceData, result.options);
+  }
 });

From 82884c4ec6144bd461a9d4c4508dc3a58e104e97 Mon Sep 17 00:00:00 2001
From: David Glasser <glasser@davidglasser.net>
Date: Fri, 27 Mar 2015 12:21:43 -0700
Subject: [PATCH 2/2] History update

---
 History.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/History.md b/History.md
index 0609642bb2..d9bdbf4e7d 100644
--- a/History.md
+++ b/History.md
@@ -23,6 +23,12 @@
 * Preserve the value of `_` in `meteor shell`.  #4010
 
 
+## Meteor Accounts
+
+* Add `Accounts.oauth.deregisterService` method, and ensure that users can only
+  log in with currently registered services.  #4014
+
+
 ## v1.1, 2015-??
 
 ### Windows Support