From 4e1bb330aa312ae98cd8ef4ad73ca89510278ce3 Mon Sep 17 00:00:00 2001 From: Thomas Sileo Date: Fri, 3 Feb 2023 08:55:31 +0100 Subject: [PATCH] Fix OAuth introspection endpoint --- app/indieauth.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/app/indieauth.py b/app/indieauth.py index 7e657ea..ea4d21d 100644 --- a/app/indieauth.py +++ b/app/indieauth.py @@ -532,6 +532,10 @@ async def oauth_introspection_endpoint( if not access_token: return JSONResponse(content={"active": False}) + is_token_valid, _ = await _check_access_token(db_session, token) + if not is_token_valid: + return JSONResponse(content={"active": False}) + return JSONResponse( content={ "active": True,