function introspectAccessToken(r) {
    if (r.variables.token_data) {
        tokenResult(r); // Existing response in key-value store so do validation
    } else {
        r.subrequest("/_oauth2_send_request",
            function(reply) {
                if (reply.status == 200) {
                    r.variables.token_data = reply.responseText; // Create entry
                    tokenResult(r); // Do validation of response
                } else {
                    r.return(401); // Unexpected response, return auth-required
                }
            }
        );
    }
}

function tokenResult(r) {
    var response = JSON.parse(r.variables.token_data);

    if (response.active) {
        // Convert all members of the response into response headers
        for (var p in response) {
            if (!response.hasOwnProperty(p)) continue;
            r.log("OAuth2 Token-" + p + ": " + response[p]);
            r.headersOut['Token-' + p] = response[p];
        }
        r.status = 204;
        r.sendHeader();
        r.finish();
    } else {
        r.return(401);
    }
}

export default { introspectAccessToken }