Added stinky token check endpoint.

2024-07-21 01:28:54 +00:00 · 2024-07-21 01:28:54 +00:00 · 31c54b966a
commit 31c54b966a
parent 1149341cc9
1 changed files with 32 additions and 0 deletions
--- a/src/OAuth2/OAuth2Routes.php
+++ b/src/OAuth2/OAuth2Routes.php
@ -753,4 +753,36 @@ final class OAuth2Routes extends RouteHandler {

        return $result;
    }
+
+    // this is a temporary endpoint so i can actually use access tokens for something already
+    #[HttpGet('/oauth2/check_token_do_not_rely_on_this_existing_in_a_year')]
+    public function postIntrospect($response, $request) {
+        $authzHeader = explode(' ', (string)$request->getHeaderLine('Authorization'));
+        if($authzHeader[0] !== 'Bearer' || count($authzHeader) < 2) {
+            $response->setStatusCode(401);
+            $response->setHeader('WWW-Authenticate', 'Bearer');
+            return ['success' => false];
+        }
+
+        try {
+            $tokenInfo = $this->oauth2Ctx->getTokensData()->getAccessInfo($authzHeader[1], OAuth2TokensData::ACCESS_BY_TOKEN);
+        } catch(RuntimeException $ex) {
+            $response->setStatusCode(401);
+            $response->setHeader('WWW-Authenticate', 'Bearer');
+            return ['success' => false];
+        }
+
+        if($tokenInfo->hasExpired()) {
+            $response->setStatusCode(401);
+            $response->setHeader('WWW-Authenticate', 'Bearer');
+            return ['success' => false];
+        }
+
+        return [
+            'success' => true,
+            'user_id' => $tokenInfo->getUserId(),
+            'scope' => $tokenInfo->getScopes(),
+            'expires_in' => $tokenInfo->getRemainingLifetime(),
+        ];
+    }
 }