/**
  * {@inheritdoc}
  */
 public function introspectToken(TokenInterface $token, ClientInterface $client)
 {
     if (!$token instanceof AccessTokenInterface) {
         return [];
     }
     $result = ['active' => !$token->hasExpired(), 'client_id' => $token->getClientPublicId(), 'token_type' => $token->getTokenTypeParameter('token_type'), 'exp' => $token->getExpiresAt()];
     // If the client is the subject, we add this information.
     //
     // The subject is not added if the client is not a resource owner.
     // The reason is that if the client received an ID Token, the subject may have been computed (pairwise) and
     // the subject returned here may be different. As per the OpenID Connect specification, the client must reject the token
     // if subject are different and we want to avoid this case.
     if ($client->getPublicId() === $token->getResourceOwnerPublicId()) {
         $result['sub'] = $token->getResourceOwnerPublicId();
     }
     // If the client is a resource server, we return all the information stored in the access token including the metadata
     if ($client->has('is_resource_server') && true === $client->get('is_resource_server')) {
         $result['sub'] = $token->getResourceOwnerPublicId();
     }
     if (!empty($token->getScope())) {
         $result['scp'] = $token->getScope();
     }
     if ($token instanceof JWTAccessTokenInterface) {
         $result = array_merge($result, $this->getJWTInformation($token->getJWS()));
     }
     return $result;
 }
 /**
  * {@inheritdoc}
  */
 public function introspectToken(TokenInterface $token, ClientInterface $client)
 {
     if (!$token instanceof RefreshTokenInterface) {
         return [];
     }
     $result = ['active' => !$token->hasExpired(), 'client_id' => $token->getClientPublicId(), 'exp' => $token->getExpiresAt()];
     if (!empty($token->getScope())) {
         $result['scp'] = $token->getScope();
     }
     return $result;
 }