# frozen_string_literal: true

module Rodauth
  Feature.define(:oauth_resource_server, :OauthResourceServer) do
    def authorization_token
      return @authorization_token if defined?(@authorization_token)

      # check if there is a token
      bearer_token = fetch_access_token

      return unless bearer_token

      # where in resource server, NOT the authorization server.
      payload = introspection_request("access_token", bearer_token)

      return unless payload["active"]

      @authorization_token = payload
    end
  end
end