Struct IntrospectionResponse 

pub struct IntrospectionResponse {
    pub active: bool,
    pub scope: Option<String>,
    pub client_id: Option<String>,
    pub username: Option<String>,
    pub token_type: Option<String>,
    pub expiration: Option<i64>,
    pub issued_at: Option<i64>,
    pub not_before: Option<i64>,
    pub subject: Option<String>,
    pub audience: Option<Audience>,
    pub issuer: Option<String>,
    pub jwt_id: Option<String>,
}

Represents an OAuth 2.0 Token Introspection response as per RFC 7662.

This struct captures the response from an OAuth 2.0 introspection endpoint, providing details about the validity and metadata of an access or refresh token. All fields are optional except active, as per the specification, to handle cases where the token is inactive or certain metadata is not provided.

Example JSON

{
  "active": true,
  "scope": "read write",
  "client_id": "client123",
  "username": "john_doe",
  "token_type": "access_token",
  "exp": 1697054400,
  "iat": 1697050800,
  "nbf": 1697050800,
  "sub": "user123",
  "aud": ["resource_server_1", "resource_server_2"],
  "iss": "https://auth.example.com",
  "jti": "abc123"
}

Fields

active: bool

Indicates whether the token is active (valid, not expired, etc.). This field is required by the OAuth 2.0 introspection specification.

scope: Option<String>

Space-separated list of scopes granted to the token. Optional, as the token may have no scopes or be inactive.

client_id: Option<String>

Identifier of the client that requested the token. Optional, as it may not be provided for inactive tokens.

username: Option<String>

Username of the resource owner associated with the token, if applicable. Optional, as it may not apply to all token types or be absent for inactive tokens.

token_type: Option<String>

Type of the token, typically “access_token” or “refresh_token”. Optional, as it may not be provided for inactive tokens.

expiration: Option<i64>

Expiration Time - Unix timestamp when the token expires (JWT: exp).

issued_at: Option<i64>

Issued At - Unix timestamp when the token was issued (JWT: iat).

not_before: Option<i64>

Not Before - Unix timestamp when the token becomes valid (JWT: nbf).

subject: Option<String>

Subject identifier, often the user ID associated with the token. Optional, as it may not be provided for inactive tokens.

audience: Option<Audience>

Audience(s) the token is intended for, which can be a single string or an array of strings. Optional, as it may not be provided for inactive tokens.

issuer: Option<String>

Issuer identifier, typically the URI of the authorization server. Optional, as it may not be provided for inactive tokens.

jwt_id: Option<String>

JWT ID - Unique identifier for the token to prevent reuse (JWT: jti).

Trait Implementations

impl Clone for IntrospectionResponse

fn clone(&self) -> IntrospectionResponse

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for IntrospectionResponse

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<'de> Deserialize<'de> for IntrospectionResponse

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>

where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl Serialize for IntrospectionResponse

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>

where __S: Serializer,

Serialize this value into the given Serde serializer.