feat: new auth server introspection behavior

interledger · Jul 24, 2024 · d030e41 · d030e41
1 parent b7c909e
commit d030e41
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 10 deletions.
diff --git a/packages/auth/src/access/utils.ts b/packages/auth/src/access/utils.ts
@@ -36,7 +36,7 @@ export function compareRequestAndGrantAccessItems(
     ) {
       return false
     } else if (
-      restOfRequestAccessItem[key as keyof typeof restOfRequestAccessItem] !==
+      requestAccessItemValue !==
       restOfgrantAccessItem[key as keyof typeof restOfgrantAccessItem]
     ) {
       return false

diff --git a/packages/auth/src/accessToken/routes.ts b/packages/auth/src/accessToken/routes.ts
@@ -105,10 +105,10 @@ async function introspectToken(
     'introspected access token'
   )
 
-  ctx.body = grantToTokenInfo(tokenInfo?.grant, tokenInfo?.accessItem)
+  ctx.body = grantToTokenInfo(tokenInfo?.grant, tokenInfo?.access)
 }
 
-function grantToTokenInfo(grant?: Grant, accessItem?: Access): TokenInfo {
+function grantToTokenInfo(grant?: Grant, access?: Access[]): TokenInfo {
   if (!grant) {
     return {
       active: false
@@ -117,9 +117,7 @@ function grantToTokenInfo(grant?: Grant, accessItem?: Access): TokenInfo {
   return {
     active: true,
     grant: grant.id,
-    access: accessItem
-      ? [toOpenPaymentsAccess(accessItem)]
-      : grant.access.map(toOpenPaymentsAccess),
+    access: access?.map(toOpenPaymentsAccess) ?? [],
     client: grant.client
   }
 }

diff --git a/packages/auth/src/accessToken/service.ts b/packages/auth/src/accessToken/service.ts
@@ -15,7 +15,7 @@ export interface AccessTokenService {
   introspect(
     tokenValue: string,
     access?: AccessItem[]
-  ): Promise<{ grant: Grant; accessItem?: Access } | undefined>
+  ): Promise<{ grant: Grant, access: Access[] } | undefined>
   create(grantId: string, trx?: TransactionOrKnex): Promise<AccessToken>
   revoke(id: string, trx?: TransactionOrKnex): Promise<AccessToken | undefined>
   revokeByGrantId(grantId: string, trx?: TransactionOrKnex): Promise<number>
@@ -77,12 +77,13 @@ async function introspect(
   deps: ServiceDependencies,
   tokenValue: string,
   access?: AccessItem[]
-): Promise<{ grant: Grant; accessItem?: Access } | undefined> {
+): Promise<{ grant: Grant, access: Access[] } | undefined> {
   const token = await AccessToken.query(deps.knex)
     .findOne({ value: tokenValue })
     .withGraphFetched('grant.access')
 
   let foundAccessItem: Access | undefined
+  const foundAccess: Access[] = []
   if (!token) return
   if (isTokenExpired(token)) {
     return undefined
@@ -102,12 +103,12 @@ async function introspect(
         if (!foundAccessItem) {
           return undefined
         } else {
-          return { grant: token.grant, accessItem: foundAccessItem }
+          foundAccess.push(foundAccessItem)
         }
       }
     }
 
-    return { grant: token.grant }
+    return { grant: token.grant, access: foundAccess }
   }
 }