Disconnect websockets after token is revoked (#57091)

Co-authored-by: Paulus Schoutsen <paulus@home-assistant.io>

homeassistant/components/websocket_api/auth.py

@@ -11,7 +11,7 @@ from voluptuous.humanize import humanize_error
 from homeassistant.auth.models import RefreshToken, User
 from homeassistant.components.http.ban import process_success_login, process_wrong_login
 from homeassistant.const import __version__
-from homeassistant.core import HomeAssistant
+from homeassistant.core import CALLBACK_TYPE, HomeAssistant
 
 from .connection import ActiveConnection
 from .error import Disconnect
@@ -57,11 +57,13 @@ class AuthPhase:
         logger: WebSocketAdapter,
         hass: HomeAssistant,
         send_message: Callable[[str | dict[str, Any]], None],
+        cancel_ws: CALLBACK_TYPE,
         request: Request,
     ) -> None:
         """Initialize the authentiated connection."""
         self._hass = hass
         self._send_message = send_message
+        self._cancel_ws = cancel_ws
         self._logger = logger
         self._request = request
 
@@ -83,7 +85,14 @@ class AuthPhase:
                 msg["access_token"]
             )
             if refresh_token is not None:
-                return await self._async_finish_auth(refresh_token.user, refresh_token)
+                conn = await self._async_finish_auth(refresh_token.user, refresh_token)
+                conn.subscriptions[
+                    "auth"
+                ] = self._hass.auth.async_register_revoke_token_callback(
+                    refresh_token.id, self._cancel_ws
+                )
+
+                return conn
 
         self._send_message(auth_invalid_message("Invalid access token or password"))
         await process_wrong_login(self._request)