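// FinishTokenInfoRequest fills w.Output with the token-info response for r.
//
// If w is already marked as an error, only "error_description" is set (from
// w.InternalError, when one is recorded) and the function returns. Otherwise
// the user is loaded from r.AccessData through the AEStorage backend and the
// user, client, scope and remaining-lifetime fields are written to w.Output.
// Any failure marks w as an error and sets "error" and "error_description".
func (s *AEServer) FinishTokenInfoRequest(c context.Context, w *osin.Response, r *TokenInfoRequest) {
	if w.IsError {
		// IsError can be set without an InternalError; calling Error() on a
		// nil error would panic, so only copy the text when one is present.
		if w.InternalError != nil {
			w.Output["error_description"] = w.InternalError.Error()
		}
		return
	}

	// fail records err on the response in the same shape for every failure path.
	// NOTE(review): the internal error text is copied into the response output;
	// confirm it cannot carry storage or backend detail that should stay
	// server-side.
	fail := func(err error) {
		w.IsError = true
		w.InternalError = err
		w.Output["error"] = err.Error()
		w.Output["error_description"] = err.Error()
	}

	aestorage, ok := s.storage.(*AEStorage)
	if !ok {
		fail(errors.New("Storage is not available"))
		return
	}

	//decode from claims
	u, err := aestorage.LoadUserFromAccessData(c, r.AccessData)
	if err != nil {
		fail(err)
		return
	}
	if u == nil {
		// err is nil on this path, so the message must come from the new
		// error rather than from err (the original dereferenced the nil err).
		fail(errors.New("User not found"))
		return
	}

	clientID := r.AccessData.Client.GetId()
	expiresAt := r.AccessData.CreatedAt.Add(time.Duration(r.AccessData.ExpiresIn) * time.Second)

	w.Output["user_id"] = u.ID
	w.Output["email"] = u.Email
	w.Output["verified_email"] = !u.VerifiedAt.IsZero()
	w.Output["issued_to"] = clientID
	w.Output["audience"] = clientID //TODO: works temporarily but needs to be updated for Android devices
	w.Output["scope"] = r.AccessData.Scope
	// Whole seconds between s.server.Now() and the computed expiry; the value
	// is negative once that instant has passed.
	w.Output["expires_in"] = expiresAt.Sub(s.server.Now()) / time.Second
	w.Output["access_type"] = "online"
}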
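// HandleTokenInfoRequest validates a token-info request and loads the access
// data for the "access_token" form value.
//
// It records an error on w and returns nil when the form cannot be parsed,
// the token is missing, the access data cannot be loaded or is nil, the
// client has an empty redirect URI, or the token is expired at s.server.Now().
// On success it returns a TokenInfoRequest holding the token and its access
// data.
func (s *AEServer) HandleTokenInfoRequest(c context.Context, w *osin.Response, r *http.Request) *TokenInfoRequest {
	// A malformed query string or body is rejected instead of continuing with
	// whatever part of the form happened to parse.
	if err := r.ParseForm(); err != nil {
		w.SetError(osin.E_INVALID_REQUEST, "")
		w.InternalError = err
		return nil
	}

	// r.Form merges URL query parameters with the request body, so the token
	// is accepted from either place.
	token := r.Form.Get("access_token")
	if token == "" {
		w.SetError(osin.E_INVALID_REQUEST, "")
		return nil
	}

	accessData, err := s.storage.LoadAccess(c, token)
	if err != nil {
		w.SetError(osin.E_INVALID_REQUEST, "")
		w.InternalError = err
		return nil
	}
	if accessData == nil {
		w.SetError(osin.E_INVALID_REQUEST, "")
		return nil
	}

	// NOTE(review): assumes the storage always populates AccessData.Client;
	// a nil Client would panic on the call below. Confirm against the
	// storage implementation.
	switch {
	case accessData.Client.GetRedirectUri() == "":
		w.SetError(osin.E_UNAUTHORIZED_CLIENT, "")
		return nil
	case accessData.IsExpiredAt(s.server.Now()):
		w.SetError(osin.E_UNAUTHORIZED_CLIENT, "")
		return nil
	}

	return &TokenInfoRequest{
		AccessToken: token,
		AccessData:  accessData,
	}
}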