func (c *CoreValidator) introspectAuthorizeCode(ctx context.Context, token string, accessRequest fosite.AccessRequester) error {
sig := c.CoreStrategy.AuthorizeCodeSignature(token)
if or, err := c.CoreStorage.GetAuthorizeCodeSession(ctx, sig, accessRequest.GetSession()); err != nil {
return errors.Wrap(err, fosite.ErrRequestUnauthorized.Error())
} else if err := c.CoreStrategy.ValidateAuthorizeCode(ctx, or, token); err != nil {
return err
} else {
accessRequest.Merge(or)
}
return nil
}
func (c *CoreValidator) introspectAccessToken(ctx context.Context, token string, accessRequest fosite.AccessRequester, scopes []string) error {
sig := c.CoreStrategy.AccessTokenSignature(token)
or, err := c.CoreStorage.GetAccessTokenSession(ctx, sig, accessRequest.GetSession())
if err != nil {
return errors.Wrap(fosite.ErrRequestUnauthorized, err.Error())
} else if err := c.CoreStrategy.ValidateAccessToken(ctx, or, token); err != nil {
return err
}
for _, scope := range scopes {
if scope == "" {
continue
}
if !c.ScopeStrategy(or.GetGrantedScopes(), scope) {
return errors.Wrap(fosite.ErrInvalidScope, "")
}
}
accessRequest.Merge(or)
return nil
}
