jazzband · n2ygk · Feb 7, 2021 · Dec 16, 2020 · Dec 16, 2020 · Jan 12, 2021
diff --git a/AUTHORS b/AUTHORS
@@ -35,3 +35,5 @@ Jun Zhou
 David Smith
 Łukasz Skarżyński
 Tom Evans
+Dylan Giesler
+Spencer Carroll
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -22,6 +22,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Added
 * #884 Added support for Python 3.9
 
+### Fixed
+* made token revocation not apply a limit to the `select_for_update` statement #866
+
 ## [1.3.3] 2020-10-16
 
 ### Added

diff --git a/oauth2_provider/models.py b/oauth2_provider/models.py
@@ -401,13 +401,15 @@ def revoke(self):
         access_token_model = get_access_token_model()
         refresh_token_model = get_refresh_token_model()
         with transaction.atomic():
-            self = (
-                refresh_token_model.objects.filter(pk=self.pk, revoked__isnull=True)
-                .select_for_update()
-                .first()
-            )
-            if not self:
+            try:
+                token = refresh_token_model.objects.select_for_update().filter(
+                    pk=self.pk, revoked__isnull=True
+                )
+            except refresh_token_model.DoesNotExist:
+                return
+            if not token:
                 return
+            self = list(token)[0]
 
             try:
                 access_token_model.objects.get(id=self.access_token_id).revoke()