Delete Refresh token before Access Token to avoid cascade deadlock

Author: NiekHoekstra

oauth2_provider/models.py

@@ -335,8 +335,10 @@ def revoke(self):
         Delete this refresh token along with related access token
         """
         access_token_model = get_access_token_model()
-        access_token_model.objects.get(id=self.access_token.id).revoke()
+        token = access_token_model.objects.get(id=self.access_token.id)
+        # Avoid cascade by deleting self first.
         self.delete()
+        token.revoke()
 
     def __str__(self):
         return self.token