class Doorkeeper::OAuth::TokenIntrospection
def authorize!
See: https://www.oauth.com/oauth2-servers/token-introspection-endpoint/
# Decides whether the caller of the introspection endpoint is itself
# authorized, recording the outcome in @error.
#
# Two ways of authorizing the call are recognised, checked in this order:
#
# 1. Client authentication (server.credentials is present). The bearer
#    token is not consulted at all on this path, so a request that carries
#    both is judged on the client credentials alone.
# 2. Bearer token authorization (authorized_token is present).
#
# A request that offers neither is rejected, so the method fails closed.
# RFC 7662 section 2.1 requires the introspection endpoint to demand some
# form of authorization so that it cannot be used to scan for valid tokens.
#
# On success nothing is assigned: @error is left as it was.
#
# @return [Symbol, nil] the last symbol assigned, or nil when the caller
#   is authorized
def authorize!
  # Path 1: the protected resource authenticated as a client.
  if server.credentials
    return if authorized_client

    return @error = :invalid_client
  end

  # Path 2: the protected resource presented an OAuth 2.0 bearer token.
  #
  # When that token lacks sufficient privileges or is otherwise invalid for
  # this request, the authorization server answers with HTTP 401 as
  # described in Section 3 of OAuth 2.0 Bearer Token Usage [RFC6750].
  if authorized_token
    return if valid_authorized_token?

    return @error = :invalid_token
  end

  # Neither credentials nor a token: refuse the request outright.
  @error = :invalid_request
  @invalid_request_reason = :request_not_authorized
end