Updated per review.

Author: Fosco Marotto

src/Parse/ParseClient.php

@@ -399,6 +399,7 @@ public static function getLocalPushDateFormat($value)
    * all requests for the app to use them.  After calling this method, login & signup requests
    * will be returned a unique and revocable session token.
    *
+   * @return null
    */
   public static function enableRevocableSessions()
   {

src/Parse/ParseSession.php

@@ -6,7 +6,7 @@
 use Parse\ParseUser;
 
 /**
- * ParseSession - Representation of an expiring user session
+ * ParseSession - Representation of an expiring user session.
  *
  * @package  Parse
  * @author   Fosco Marotto <fjm@fb.com>
@@ -31,15 +31,15 @@ public function getSessionToken()
   /**
    * Retrieves the Session object for the currently logged in user.
    *
-   * @param boolean $useMasterKey If the Master Key should be used to override security
+   * @param boolean $useMasterKey If the Master Key should be used to override security.
    *
    * @return ParseSession
    */
   public static function getCurrentSession($useMasterKey = false)
   {
-    $session = new ParseSession();
     $token = ParseUser::getCurrentUser()->getSessionToken();
     $response = ParseClient::_request('GET', '/1/sessions/me', $token, null, $useMasterKey);
+    $session = new ParseSession();
     $session->_mergeAfterFetch($response);
     $session->handleSaveResult();
     return $session;

src/Parse/ParseUser.php

@@ -169,9 +169,10 @@ public static function become($sessionToken)
    */
   public static function logOut()
   {
-    if (ParseUser::getCurrentUser()) {
+    $user = ParseUser::getCurrentUser();
+    if ($user) {
       try {
-        $result = ParseClient::_request('GET', '/1/logout');
+        ParseClient::_request('POST', '/1/logout', $user->getSessionToken());
       } catch (ParseException $ex) {
         // If this fails, we're going to ignore it.
       }

tests/ParseSessionTest.php

@@ -32,7 +32,7 @@ public static function tearDownAfterClass()
     ParseSession::_unregisterSubclass();
   }
 
-  public function testGetCurrentSession()
+  public function testRevocableSession()
   {
     ParseClient::enableRevocableSessions();
     $user = new ParseUser();
@@ -42,6 +42,20 @@ public function testGetCurrentSession()
     $session = ParseSession::getCurrentSession();
     $this->assertEquals($user->getSessionToken(), $session->getSessionToken());
     $this->assertTrue($session->isCurrentSessionRevocable());
+
+    ParseUser::logOut();
+
+    ParseUser::logIn("username", "password");
+    $session = ParseSession::getCurrentSession();
+    $this->assertEquals(ParseUser::getCurrentUser()->getSessionToken(), $session->getSessionToken());
+    $this->assertTrue($session->isCurrentSessionRevocable());
+
+    $sessionToken = $session->getSessionToken();
+
+    ParseUser::logOut();
+
+    $this->setExpectedException('Parse\ParseException', 'invalid session token');
+    ParseUser::become($sessionToken);
   }
 
 }