// njs module interface: the handler is exposed through the default export so
// it can be referenced by name from outside this file.
// NOTE(review): presumably wired up from the nginx configuration (js_import
// plus an auth_request / js_content location) — that config is not visible
// here; confirm.
export default { introspectAccessToken };
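/**
 * Request handler that decides whether the access token carried by the
 * current request is valid, by delegating to a token introspection call.
 *
 * Issues a subrequest to the internal location /jwt_verify_request and maps
 * the outcome to a status code on the parent request:
 *   - 204: the subrequest returned 200 and its JSON body has `active: true`
 *   - 403: the subrequest returned 200 but the token is not reported active
 *   - 401: any other subrequest status, or a 200 whose body is not valid JSON
 *
 * Every path that is not an explicit `active: true` denies the request
 * (fail closed).
 *
 * @param {Object} r - njs HTTP request object (provides subrequest, return
 *                     and error).
 */
function introspectAccessToken(r) {
    r.subrequest("/jwt_verify_request",
        function(reply) {
            if (reply.status !== 200) {
                // Log the status only. The introspection body and the request
                // variables can carry the token and its claims, so they are
                // kept out of the error log.
                r.error("Token introspection subrequest returned status " + reply.status);
                r.return(401); // Unexpected response, return 'auth required'
                return;
            }

            var response;
            try {
                response = JSON.parse(reply.responseBody);
            } catch (e) {
                // A 200 with an unparsable body is treated like any other
                // unexpected response instead of raising from the callback.
                r.error("Token introspection response is not valid JSON");
                r.return(401);
                return;
            }

            // Only a JSON object whose `active` member is the boolean true
            // grants access. Loose equality would also accept 1 or "1", and a
            // literal `null` body would throw on property access.
            if (response !== null && typeof response === "object" && response.active === true) {
                r.return(204); // Token is valid, return success code
            } else {
                r.return(403); // Token is invalid, return forbidden code
            }
        }
    );
}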