refactor: introspection response jti not returned for opaque tokens

BREAKING CHANGE: Introspection response `jti` is not returned for opaque tokens.
panva · Mar 3, 2020 · a333aaa · a333aaa
1 parent 0ed56bd
commit a333aaa
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 2 deletions.
diff --git a/lib/actions/introspection.js b/lib/actions/introspection.js
@@ -191,7 +191,7 @@ module.exports = function introspectionAction(provider) {
         iat: token.iat,
         sid: token.sid,
         iss: provider.issuer,
-        jti: token.jti, // TODO: in v7.x omit if jti === params.token
+        jti: token.jti !== params.token ? token.jti : undefined,
         aud: token.aud,
         scope: token.scope,
         cnf: token.isSenderConstrained() ? {} : undefined,

diff --git a/test/introspection/introspection.test.js b/test/introspection/introspection.test.js
@@ -3,6 +3,8 @@ const { expect } = require('chai');
 
 const bootstrap = require('../test_helper');
 
+const { formats: { AccessToken: FORMAT } } = require('../../lib/helpers/defaults');
+
 const route = '/token/introspection';
 
 describe('introspection features', () => {
@@ -38,11 +40,15 @@ describe('introspection features', () => {
         .type('form')
         .expect(200)
         .expect((response) => {
-          expect(response.body).to.contain.keys('client_id', 'scope', 'sub', 'iss', 'iat', 'exp', 'token_type', 'aud', 'jti');
+          expect(response.body).to.contain.keys('client_id', 'scope', 'sub', 'iss', 'iat', 'exp', 'token_type', 'aud');
           expect(response.body.sub).to.equal('accountId');
           expect(response.body.token_type).to.equal('Bearer');
           expect(response.body.iss).to.equal(this.provider.issuer);
           expect(response.body.aud).to.equal('urn:example:foo');
+
+          if (FORMAT !== 'opaque' && typeof FORMAT !== 'function') {
+            expect(response.body).to.contain.key('jti');
+          }
         });
     });