llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-07-08 00:50:28 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: add validation for optional fields in IntrospectionToken for custom token types (#3717)

Browse Source
This commit is contained in:
Gabriel Brecci
2025-04-09 11:27:19 -03:00
committed by GitHub
parent a00900e405
commit fc618b9bd5
1 changed files with 19 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
controllers/token.go
View File

@ -384,10 +384,7 @@ func (c *ApiController) IntrospectToken() {
introspectionResponse = object.IntrospectionResponse{
Active: true,
Scope: jwtToken.Scope,
ClientId: clientId,
Username: jwtToken.Name,
TokenType: jwtToken.TokenType,
Exp: jwtToken.ExpiresAt.Unix(),
Iat: jwtToken.IssuedAt.Unix(),
Nbf: jwtToken.NotBefore.Unix(),
@ -396,6 +393,16 @@ func (c *ApiController) IntrospectToken() {
Iss: jwtToken.Issuer,
Jti: jwtToken.ID,
}
if jwtToken.Scope != "" {
introspectionResponse.Scope = jwtToken.Scope
}
if jwtToken.Name != "" {
introspectionResponse.Username = jwtToken.Name
}
if jwtToken.TokenType != "" {
introspectionResponse.TokenType = jwtToken.TokenType
}
}
if tokenTypeHint == "" {