@quarks/quarks-iam
Version:
A modern authorization server built to authenticate your users and protect your APIs
33 lines (28 loc) • 632 B
JavaScript
/**
* Module dependencies
*/
var oidc = require('../oidc')
var settings = require('../boot/settings')
/**
* Token Endpoint
*/
module.exports = function (server) {
server.all('/token/verify',
oidc.authenticateClient,
oidc.parseAuthorizationHeader,
oidc.getBearerToken,
oidc.verifyAccessToken({
iss: settings.issuer,
key: settings.keys.sig.pub
}),
function (req, res, next) {
// don't cache this response
res.set({
'Cache-Control': 'no-store',
'Pragma': 'no-cache'
})
// respond with decoded/retrieved claims
res.json(req.claims)
}
)
}