add support for introspection.token_param_name; closes #57

zandbelt · zandbelt · commit 75fc950a2dff · 2024-09-13T15:45:17.000+02:00
Signed-off-by: Hans Zandbelt &lt;hans.zandbelt@openidc.com&gt;
diff --git a/ChangeLog b/ChangeLog
@@ -1,3 +1,6 @@
+09/13/2024
+- add support for introspection.token_param_name; closes #57
+
 09/11/2024
 - add (optional) JQ support with caching in oauth2_jq_filter
 - add "json_payload_claim" claim option to oauth2_cfg_target_pass_t
diff --git a/src/oauth2.c b/src/oauth2.c
@@ -273,22 +273,27 @@ bool oauth2_http_ctx_auth_add(oauth2_log_t *log, oauth2_http_call_ctx_t *ctx,
 
 _OAUTH2_CFG_CTX_TYPE_START(oauth2_introspect_ctx)
 oauth2_cfg_endpoint_t *endpoint;
+char *token_param_name;
 oauth2_nv_list_t *params;
 _OAUTH2_CFG_CTX_TYPE_END(oauth2_introspect_ctx)
 
 _OAUTH2_CFG_CTX_INIT_START(oauth2_introspect_ctx)
 ctx->endpoint = NULL;
+ctx->token_param_name = NULL;
 ctx->params = NULL;
 _OAUTH2_CFG_CTX_INIT_END
 
 _OAUTH2_CFG_CTX_CLONE_START(oauth2_introspect_ctx)
 dst->endpoint = oauth2_cfg_endpoint_clone(log, src->endpoint);
+dst->token_param_name = oauth2_strdup(src->token_param_name);
 dst->params = oauth2_nv_list_clone(log, src->params);
 _OAUTH2_CFG_CTX_CLONE_END
 
 _OAUTH2_CFG_CTX_FREE_START(oauth2_introspect_ctx)
 if (ctx->endpoint)
 	oauth2_cfg_endpoint_free(log, ctx->endpoint);
+if (ctx->token_param_name)
+	oauth2_mem_free(ctx->token_param_name);
 if (ctx->params)
 	oauth2_nv_list_free(log, ctx->params);
 _OAUTH2_CFG_CTX_FREE_END
@@ -331,7 +336,10 @@ static bool _oauth2_introspect_verify(oauth2_log_t *log,
 	if (params == NULL)
 		goto end;
 
-	oauth2_nv_list_add(log, params, OAUTH2_INTROSPECT_TOKEN, token);
+	oauth2_nv_list_add(log, params,
+			   ctx->token_param_name ? ctx->token_param_name
+						 : OAUTH2_INTROSPECT_TOKEN,
+			   token);
 	oauth2_nv_list_add(log, params, OAUTH2_INTROSPECT_TOKEN_TYPE_HINT,
 			   OAUTH2_INTROSPECT_TOKEN_TYPE_HINT_ACCESS_TOKEN);
 
@@ -442,6 +450,9 @@ static char *_oauth2_verify_options_set_introspect_url_ctx(
 	rv = oauth2_cfg_set_endpoint(log, ctx->endpoint, url, params,
 				     "introspect");
 
+	ctx->token_param_name = oauth2_strdup(
+	    oauth2_nv_list_get(log, params, "introspect.token_param_name"));
+
 	if (oauth2_parse_form_encoded_params(
 		log, oauth2_nv_list_get(log, params, "introspect.params"),
 		&ctx->params) == false)
