+
+ /**
+ * Verify a token with an IdP endpoint, using the Authentication header supplied.
+ * @param {URL} introspectionUrlObj
+ * @param {String} authenticationHeader
+ * @param {String} token
+ */
+ async introspectToken(introspectionUrlObj, authenticationHeader, token) {
+ const _scope = _fileScope('introspectToken');
+
+ const formData = common.formData({ token });
+ const postIntrospectConfig = Communication._axiosConfig('POST', introspectionUrlObj, formData, {}, {
+ [Enum.Header.Authentication]: authenticationHeader,
+ [Enum.Header.ContentType]: Enum.ContentType.ApplicationForm,
+ [Enum.Header.Accept]: `${Enum.ContentType.ApplicationJson}, ${Enum.ContentType.Any};q=0.1`,
+ });
+ delete postIntrospectConfig.validateStatus; // only accept success
+
+ let tokenInfo;
+ try {
+ const response = await this.axios(postIntrospectConfig);
+ this.logger.debug(_scope, 'response', { response });
+ // check status
+ try {
+ tokenInfo = JSON.parse(response.data);
+ const {
+ active,
+ me,
+ client_id: clientId,
+ scope,
+ exp,
+ iat,
+ } = tokenInfo;
+
+ return {
+ active,
+ ...(me && { me }),
+ ...(clientId && { clientId }),
+ ...(scope && { scope: scope.split(scopeSplitRE) }),
+ ...(exp && { exp: Number(exp) }),
+ ...(iat && { iat: Number(iat) }),
+ };
+ } catch (e) {
+ this.logger.error(_scope, 'failed to parse json', { error: e, response });
+ throw e;
+ }
+ } catch (e) {
+ this.logger.error(_scope, 'introspect token request failed', { error: e, url: introspectionUrlObj.href });
+ throw e;
+ }
+ }
+
+
+ /**
+ * Attempt to deliver a ticket to an endpoint.
+ * N.B. does not absorb errors
+ * @param {*} ticketEndpointUrlObj
+ * @param {*} resourceUrlObj
+ * @param {*} subjectUrlObj
+ * @param {*} ticket
+ * @returns {Promise<AxiosResponse>}
+ */
+ async deliverTicket(ticketEndpointUrlObj, resourceUrlObj, subjectUrlObj, ticket) {
+ const _scope = _fileScope('deliverTicket');
+
+ try {
+ const ticketPayload = {
+ ticket,
+ resource: resourceUrlObj.href,
+ subject: subjectUrlObj.href,
+ };
+ const ticketConfig = Communication._axiosConfig('POST', ticketEndpointUrlObj, ticketPayload, {}, {
+ [Enum.Header.ContentType]: Enum.ContentType.ApplicationForm,
+ });
+ return await this.axios(ticketConfig);
+ } catch (e) {
+ this.logger.error(_scope, 'ticket delivery request failed', { error: e, url: ticketEndpointUrlObj.href });
+ throw e;
+ }
+ }
+
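Review bot: In `introspectToken`, `active` is copied from the parsed response into the return value with no type check, so an endpoint that answers with the string `"false"` produces a truthy value for any caller that tests it loosely; I would normalise it with `active: active === true,` and reject or drop `exp`/`iat` when `Number(...)` yields `NaN`, since every comparison against `NaN` is false. The `logger.debug` and `logger.error` calls in the same method pass the whole axios `response` and the axios error `e`, which normally carry the request config, meaning the Authentication header and the token form body; unless the logger redacts those fields, log only something like `{ status: response.status }`. In `deliverTicket` the payload is handed to `_axiosConfig` as a plain object under the form content type, while `introspectToken` wraps its body with `common.formData(...)`; if `_axiosConfig` does not encode the body itself, the ticket may go out in the wrong format, so the two should be made consistent. Both methods are complete in this hunk, but the enclosing class, `_axiosConfig` and the logger are outside it, so the points about what they contain or do are inferred.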