validateToken method
Validate a bearer token
Implementation
@override
Future<AuthResult> validateToken(String token, {List<String>? requiredScopes}) async {
try {
final introspection = await introspectToken(token);
// Check if token is active
if (introspection['active'] != true) {
return const AuthResult.failure(error: 'Token is not active');
}
// Check scopes if required
if (requiredScopes != null && requiredScopes.isNotEmpty) {
final tokenScopes = (introspection['scope'] as String?)?.split(' ') ?? [];
if (!hasRequiredScopes(tokenScopes, requiredScopes)) {
return AuthResult.failure(
error: 'Insufficient scopes. Required: ${requiredScopes.join(', ')}, '
'Available: ${tokenScopes.join(', ')}'
);
}
}
return AuthResult.success(
userInfo: {
'sub': introspection['sub'],
'client_id': introspection['client_id'],
'username': introspection['username'],
'scope': introspection['scope'],
'exp': introspection['exp'],
'iat': introspection['iat'],
},
validatedScopes: requiredScopes,
);
} catch (e) {
return AuthResult.failure(error: 'Token validation failed: $e');
}
}