From fc618b9bd5da412d70e42e0c390f0b63612cb5fc Mon Sep 17 00:00:00 2001
From: Gabriel Brecci <34200450+qnen@users.noreply.github.com>
Date: Wed, 9 Apr 2025 11:27:19 -0300
Subject: [PATCH] feat: add validation for optional fields in
 IntrospectionToken for custom token types (#3717)

---
 controllers/token.go | 31 +++++++++++++++++++------------
 1 file changed, 19 insertions(+), 12 deletions(-)

diff --git a/controllers/token.go b/controllers/token.go
index 4ca19ab6..d007ade2 100644
--- a/controllers/token.go
+++ b/controllers/token.go
@@ -383,18 +383,25 @@ func (c *ApiController) IntrospectToken() {
 		}
 
 		introspectionResponse = object.IntrospectionResponse{
-			Active:    true,
-			Scope:     jwtToken.Scope,
-			ClientId:  clientId,
-			Username:  jwtToken.Name,
-			TokenType: jwtToken.TokenType,
-			Exp:       jwtToken.ExpiresAt.Unix(),
-			Iat:       jwtToken.IssuedAt.Unix(),
-			Nbf:       jwtToken.NotBefore.Unix(),
-			Sub:       jwtToken.Subject,
-			Aud:       jwtToken.Audience,
-			Iss:       jwtToken.Issuer,
-			Jti:       jwtToken.ID,
+			Active:   true,
+			ClientId: clientId,
+			Exp:      jwtToken.ExpiresAt.Unix(),
+			Iat:      jwtToken.IssuedAt.Unix(),
+			Nbf:      jwtToken.NotBefore.Unix(),
+			Sub:      jwtToken.Subject,
+			Aud:      jwtToken.Audience,
+			Iss:      jwtToken.Issuer,
+			Jti:      jwtToken.ID,
+		}
+
+		if jwtToken.Scope != "" {
+			introspectionResponse.Scope = jwtToken.Scope
+		}
+		if jwtToken.Name != "" {
+			introspectionResponse.Username = jwtToken.Name
+		}
+		if jwtToken.TokenType != "" {
+			introspectionResponse.TokenType = jwtToken.TokenType
 		}
 	}