TeskaLabs / seacat-auth

SeaCat Auth provides authentication, authorization, identity management, session management and other access control features.

GNU General Public License v3.0

11 stars 6 forks source link

Accept algorithmic token in oauth introspection #405

Closed byewokko closed 2 months ago

byewokko commented 2 months ago

Issue

When sending an algorithmic session token to nginx oauth introspection, the app logs "Corrupt access token format: Base64 decoding failed." and returns 401.

Change summary

Added support for algorithmic tokens to oauth introspection.
Minor refactoring - use error-driven flow when deserializing algorithmic sessions.