validateToken method

@override Future<AuthResult> validateToken(String token, { List<String>? requiredScopes, })

Validate a bearer token

Implementation

@override
Future<AuthResult> validateToken(String token, {List<String>? requiredScopes}) async {
  final keyInfo = _validApiKeys[token];

  if (keyInfo == null) {
    return const AuthResult.failure(error: 'Invalid API key');
  }

  // Check if key is expired
  final exp = keyInfo['exp'] as int?;
  if (exp != null && DateTime.now().millisecondsSinceEpoch > exp * 1000) {
    return const AuthResult.failure(error: 'API key expired');
  }

  // Check scopes
  if (requiredScopes != null && requiredScopes.isNotEmpty) {
    final keyScopes = (keyInfo['scopes'] as List<dynamic>?)?.cast<String>() ?? [];
    if (!hasRequiredScopes(keyScopes, requiredScopes)) {
      return AuthResult.failure(
        error: 'Insufficient scopes for API key'
      );
    }
  }

  return AuthResult.success(
    userInfo: keyInfo,
    validatedScopes: requiredScopes,
  );
}