diff --git a/src/Service/CredentialsRevoker/DoctrineCredentialsRevoker.php b/src/Service/CredentialsRevoker/DoctrineCredentialsRevoker.php
index eafbbdb3..a3449bc9 100644
--- a/src/Service/CredentialsRevoker/DoctrineCredentialsRevoker.php
+++ b/src/Service/CredentialsRevoker/DoctrineCredentialsRevoker.php
@@ -40,8 +40,9 @@ public function revokeCredentialsForUser(UserInterface $user): void
 
         $this->entityManager->createQueryBuilder()
             ->update(AccessToken::class, 'at')
-            ->set('at.revoked', true)
+            ->set('at.revoked', ':revoked')
             ->where('at.userIdentifier = :userIdentifier')
+            ->setParameter('revoked', true)
             ->setParameter('userIdentifier', $userIdentifier)
             ->getQuery()
             ->execute();
@@ -49,7 +50,7 @@ public function revokeCredentialsForUser(UserInterface $user): void
         $queryBuilder = $this->entityManager->createQueryBuilder();
         $queryBuilder
             ->update(RefreshToken::class, 'rt')
-            ->set('rt.revoked', true)
+            ->set('rt.revoked', ':revoked')
             ->where($queryBuilder->expr()->in(
                 'rt.accessToken',
                 $this->entityManager->createQueryBuilder()
@@ -58,14 +59,16 @@ public function revokeCredentialsForUser(UserInterface $user): void
                     ->where('at.userIdentifier = :userIdentifier')
                     ->getDQL()
             ))
+            ->setParameter('revoked', true)
             ->setParameter('userIdentifier', $userIdentifier)
             ->getQuery()
             ->execute();
 
         $this->entityManager->createQueryBuilder()
             ->update(AuthorizationCode::class, 'ac')
-            ->set('ac.revoked', true)
+            ->set('ac.revoked', ':revoked')
             ->where('ac.userIdentifier = :userIdentifier')
+            ->setParameter('revoked', true)
             ->setParameter('userIdentifier', $userIdentifier)
             ->getQuery()
             ->execute();
@@ -78,15 +81,16 @@ public function revokeCredentialsForClient(AbstractClient $client): void
 
         $this->entityManager->createQueryBuilder()
             ->update(AccessToken::class, 'at')
-            ->set('at.revoked', true)
+            ->set('at.revoked', ':revoked')
             ->where('at.client = :client')
             ->setParameter('client', $doctrineClient->getIdentifier(), 'string')
+            ->setParameter('revoked', true)
             ->getQuery()
             ->execute();
 
         $queryBuilder = $this->entityManager->createQueryBuilder();
         $queryBuilder->update(RefreshToken::class, 'rt')
-            ->set('rt.revoked', true)
+            ->set('rt.revoked', ':revoked')
             ->where($queryBuilder->expr()->in(
                 'rt.accessToken',
                 $this->entityManager->createQueryBuilder()
@@ -96,14 +100,16 @@ public function revokeCredentialsForClient(AbstractClient $client): void
                     ->getDQL()
             ))
             ->setParameter('client', $doctrineClient->getIdentifier(), 'string')
+            ->setParameter('revoked', true)
             ->getQuery()
             ->execute();
 
         $this->entityManager->createQueryBuilder()
             ->update(AuthorizationCode::class, 'ac')
-            ->set('ac.revoked', true)
+            ->set('ac.revoked', ':revoked')
             ->where('ac.client = :client')
             ->setParameter('client', $doctrineClient->getIdentifier(), 'string')
+            ->setParameter('revoked', true)
             ->getQuery()
             ->execute();
     }