fixed introspection access rights

2021-10-13 12:08:08 +02:00 · 2021-10-13 12:08:08 +02:00 · e2e024e8f2
commit e2e024e8f2
parent 94a2c36cef
1 changed files with 1 additions and 3 deletions
--- a/canaille/oauth2utils.py
+++ b/canaille/oauth2utils.py
@ -250,10 +250,8 @@ class IntrospectionEndpoint(_IntrospectionEndpoint):
                tok = Token.filter(oauthRefreshToken=token)
        if tok:
            tok = tok[0]
-            if tok.oauthClient == client.dn:
+            if client.dn in tok.oauthAudience:
                return tok
-            # if has_introspect_permission(client):
-            #    return tok

    def introspect_token(self, token):
        client_id = Client.get(token.oauthClient).oauthClientID