introspectToken method
Validate token introspection (RFC7662)
Implementation
@override
Future<Map<String, dynamic>> introspectToken(String token) async {
final request = await _httpClient.postUrl(Uri.parse(introspectionEndpoint));
// Add authorization header
final credentials = base64Encode(utf8.encode('$clientId:$clientSecret'));
request.headers.set('Authorization', 'Basic $credentials');
request.headers.set('Content-Type', 'application/x-www-form-urlencoded');
// Add token to body
request.write('token=$token');
final response = await request.close();
final responseBody = await utf8.decoder.bind(response).join();
if (response.statusCode != 200) {
throw HttpException('Token introspection failed: ${response.statusCode}');
}
return jsonDecode(responseBody) as Map<String, dynamic>;
}