@@ -166,6 +166,14 @@ public function mode() {
166166 * @return object|null
167167 */
168168 public function getAccessTokenPayload (): ?object {
169+ if ($ this ->accessToken === '' ) {
170+ return null ;
171+ }
172+ $ parts = explode ('. ' , $ this ->accessToken );
173+ if (!isset ($ parts [1 ])) {
174+ return null ;
175+ }
176+
169177 return parent ::getAccessTokenPayload ();
170178 }
171179
@@ -200,6 +208,9 @@ public function verifyToken(string $token) {
200208 }
201209
202210 $ introData = $ this ->introspectToken ($ token , '' , $ introspectionClientId , $ introspectionClientSecret );
211+ if ($ introData === null ) {
212+ return null ;
213+ }
203214 $ this ->logger ->debug ('Introspection info: ' . \json_encode ($ introData , JSON_THROW_ON_ERROR ));
204215 if (\property_exists ($ introData , 'error ' )) {
205216 $ this ->logger ->error ('Token introspection failed: ' . \json_encode ($ introData , JSON_THROW_ON_ERROR ));
@@ -212,6 +223,17 @@ public function verifyToken(string $token) {
212223 return $ introData ->exp ;
213224 }
214225
226+ public function introspectToken ($ token , $ token_type_hint = '' , $ clientId = null , $ clientSecret = null ) {
227+ try {
228+ # test if introspection is possible ...
229+ $ this ->getProviderConfigValue ('introspection_endpoint ' );
230+ } catch (OpenIDConnectClientException $ e ) {
231+ return null ;
232+ }
233+
234+ return parent ::introspectToken ($ token , $ token_type_hint , $ clientId , $ clientSecret );
235+ }
236+
215237 /**
216238 * @throws OpenIDConnectClientException
217239 * @throws \JsonException
0 commit comments