From ce287b947ddf449386dcfe27d32aa9121a436724 Mon Sep 17 00:00:00 2001
From: kaushal-jar <85285006+kaushal-jar@users.noreply.github.com>
Date: Tue, 7 Feb 2023 01:21:28 +0530
Subject: [PATCH] Allow OAuthModels to override validateAccessToken method.

Enables custom logic to validate token while token authentication for resource access.
---
 lib/handlers/authenticate-handler.js | 26 ++++++++++++++++++--------
 1 file changed, 18 insertions(+), 8 deletions(-)

diff --git a/lib/handlers/authenticate-handler.js b/lib/handlers/authenticate-handler.js
index dc9117b27..327eadbb8 100644
--- a/lib/handlers/authenticate-handler.js
+++ b/lib/handlers/authenticate-handler.js
@@ -216,15 +216,25 @@ AuthenticateHandler.prototype.getAccessToken = function(token) {
  */
 
 AuthenticateHandler.prototype.validateAccessToken = function(accessToken) {
-  if (!(accessToken.accessTokenExpiresAt instanceof Date)) {
-    throw new ServerError('Server error: `accessTokenExpiresAt` must be a Date instance');
+  if (this.model.validateAccessToken) {
+    return promisify(this.model.validateAccessToken, 1).call(this.model, accessToken)
+      .then(function (isValid) {
+        if (!isValid) {
+          throw new InvalidTokenError('Invalid token: access token has expired');
+        }
+        return accessToken;
+      });
+  } else {
+    if (!(accessToken.accessTokenExpiresAt instanceof Date)) {
+      throw new ServerError('Server error: `accessTokenExpiresAt` must be a Date instance');
+    }
+
+    if (accessToken.accessTokenExpiresAt < new Date()) {
+      throw new InvalidTokenError('Invalid token: access token has expired');
+    }
+
+    return accessToken;
   }
-
-  if (accessToken.accessTokenExpiresAt < new Date()) {
-    throw new InvalidTokenError('Invalid token: access token has expired');
-  }
-
-  return accessToken;
 };
 
 /**