Added introspection endpoint. (#16752)

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-08-21 04:16:45 +02:00 · 2021-08-21 04:16:45 +02:00 · 0bd58d61e5
commit 0bd58d61e5
parent e9747de952
5 changed files with 67 additions and 56 deletions
--- a/services/auth/oauth2.go
+++ b/services/auth/oauth2.go
@ -113,7 +113,7 @@ func (o *OAuth2) Verify(req *http.Request, w http.ResponseWriter, store DataStor
 		return nil
 	}

-	if !middleware.IsAPIPath(req) && !isAttachmentDownload(req) {
+	if !middleware.IsAPIPath(req) && !isAttachmentDownload(req) && !isAuthenticatedTokenRequest(req) {
 		return nil
 	}

@ -134,3 +134,13 @@ func (o *OAuth2) Verify(req *http.Request, w http.ResponseWriter, store DataStor
 	log.Trace("OAuth2 Authorization: Logged in user %-v", user)
 	return user
 }
+
+func isAuthenticatedTokenRequest(req *http.Request) bool {
+	switch req.URL.Path {
+	case "/login/oauth/userinfo":
+		fallthrough
+	case "/login/oauth/introspect":
+		return true
+	}
+	return false
+}
--- a/services/forms/user_form.go
+++ b/services/forms/user_form.go
@ -215,6 +215,17 @@ func (f *AccessTokenForm) Validate(req *http.Request, errs binding.Errors) bindi
 	return middleware.Validate(errs, ctx.Data, f, ctx.Locale)
 }

+// IntrospectTokenForm for introspecting tokens
+type IntrospectTokenForm struct {
+	Token string `json:"token"`
+}
+
+// Validate validates the fields
+func (f *IntrospectTokenForm) Validate(req *http.Request, errs binding.Errors) binding.Errors {
+	ctx := context.GetContext(req)
+	return middleware.Validate(errs, ctx.Data, f, ctx.Locale)
+}
+
 //   __________________________________________.___ _______    ________  _________
 //  /   _____/\_   _____/\__    ___/\__    ___/|   |\      \  /  _____/ /   _____/
 //  \_____  \  |    __)_   |    |     |    |   |   |/   |   \/   \  ___ \_____  \