From 0b51c6155081ea96e3d8c1491b2b26df6f258009 Mon Sep 17 00:00:00 2001
From: Bryan Haberberger <bryan.j.haberberger@slu.edu>
Date: Mon, 18 Aug 2025 16:31:34 -0400
Subject: [PATCH] Users reported that the access token validation endpoint was
 always failing.

---
 routes/client.js | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/routes/client.js b/routes/client.js
index 869b3899..0713ce68 100644
--- a/routes/client.js
+++ b/routes/client.js
@@ -1,6 +1,7 @@
 import express from 'express'
 const router = express.Router()
 import auth from '../auth/index.js'
+import { getAgentClaim } from '../controllers/utils.js'
 
 router.get('/register', (req, res, next) => {
   //Register means register with the RERUM Server Auth0 client and get a new code for a refresh token.
@@ -18,6 +19,13 @@ router.get('/register', (req, res, next) => {
 
 router.post('/request-new-access-token',auth.generateNewAccessToken)
 router.post('/request-new-refresh-token',auth.generateNewRefreshToken)
-router.get('/verify',auth.checkJwt)
+
+// Verifies good tokens are from RERUM.  Fails with 401 on tokens from other platforms, or bad tokens in genreal.
+router.get('/verify', auth.checkJwt, (req, res, next) => {
+  const generatorAgent = getAgentClaim(req, next)
+  res.set("Content-Type", "text/plain")
+  res.status(200)
+  res.send("The token was verified by Auth0")
+})
 
 export default router