method AccessTokenValidator.prototype.validate
import { AccessTokenValidator } from "https://deno.land/x/authlete_deno@v1.2.3/mod.ts";

Validate an access token.

On entry, as the first step, the implementation of this method resets the following properties to false or undefined.

  • isValid
  • introspectionResult
  • introspectionError
  • errorResponse

Then, this method internally calls Authlete's /api/auth/introspection API to get information about the access token.

If the API call fails, the exception thrown by the call is stored in the introspectionError property, and an error response (500 Internal Server Error) that should be returned to the client application is stored in the errorResponse property. The method then sets the isValid property to false and returns false.

If the API call succeeds, the response from the API is stored in the introspectionResult property. The method then checks the value of the action parameter in the response.

If the value of the action parameter is OK, this method sets the isValid property to true and returns true.

If the value of the action parameter is not OK, this method builds an error response that should be returned to the client application and stores it in the errorResponse property. The method then sets the isValid property to false and returns false.
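The flow above as an added, offline model (not authlete_deno source code), showing that every path other than action OK fails closed and that a reused instance never keeps an earlier verdict. Assumptions: `ModelValidator`, `fakeIntrospect`, `outcome` and the token strings are hypothetical; the introspection call is a synchronous stand-in; the non-OK action names, their status mapping and `responseContent` follow Authlete's introspection API rather than this page.

```typescript
// Added model of the documented flow; this is not authlete_deno source code.
type Action = "OK" | "BAD_REQUEST" | "UNAUTHORIZED" | "FORBIDDEN" | "INTERNAL_SERVER_ERROR";
interface IntrospectionResult { action: Action; responseContent?: string }
interface ErrorResponse { status: number; wwwAuthenticate?: string }
// Hypothetical stand-in for the /api/auth/introspection call (synchronous, offline).
type Introspect = (token?: string, scopes?: string[], subject?: string) => IntrospectionResult;
const STATUS: Record<Exclude<Action, "OK">, number> = {
  BAD_REQUEST: 400, UNAUTHORIZED: 401, FORBIDDEN: 403, INTERNAL_SERVER_ERROR: 500,
};

class ModelValidator {
  isValid = false;
  introspectionResult: IntrospectionResult | undefined;
  introspectionError: unknown;
  errorResponse: ErrorResponse | undefined;
  introspect: Introspect;
  constructor(introspect: Introspect) { this.introspect = introspect; }
  validate(accessToken?: string, requiredScopes?: string[], requiredSubject?: string): boolean {
    // Reset first, so a reused instance never carries an earlier verdict forward.
    this.isValid = false;
    this.introspectionResult = undefined;
    this.introspectionError = undefined;
    this.errorResponse = undefined;
    let result: IntrospectionResult;
    try {
      result = this.introspect(accessToken, requiredScopes, requiredSubject);
    } catch (e) {
      this.introspectionError = e; // API call failed: fail closed with a 500
      this.errorResponse = { status: 500 };
      return false;
    }
    this.introspectionResult = result;
    const action = result.action;
    if (action === "OK") { this.isValid = true; return true; }
    this.errorResponse = { status: STATUS[action], wwwAuthenticate: result.responseContent };
    return false;
  }
}

// Constructed backend: one valid token, one outage trigger, everything else rejected.
const fakeIntrospect: Introspect = (token, scopes) => {
  if (token === "outage") throw new Error("introspection unreachable");
  if (token !== "good-token") return { action: "UNAUTHORIZED", responseContent: 'Bearer error="invalid_token"' };
  const covered = (scopes ?? []).every((s) => s === "profile"); // token grants only "profile"
  return covered ? { action: "OK" } : { action: "FORBIDDEN", responseContent: 'Bearer error="insufficient_scope"' };
};
// Hypothetical caller: the HTTP status a resource server would send for one request.
function outcome(v: ModelValidator, token?: string, scopes?: string[]): number {
  return v.validate(token, scopes) ? 200 : v.errorResponse?.status ?? 500;
}
```

A caller should branch on the return value of validate (or on isValid) and send errorResponse as-is on failure, rather than inspecting introspectionResult directly.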

Parameters

accessToken: string (optional)

An access token to be validated.

requiredScopes: string[] (optional)

Scopes that the access token should have. If a non-empty value is given to this parameter, Authlete's /api/auth/introspection API checks whether the access token covers all the required scopes.

requiredSubject: string (optional)

Subject (= unique identifier of an end-user) that the access token should be associated with. If a non-empty value is given to this parameter, Authlete's /api/auth/introspection API checks whether the access token is associated with the required subject.