@Override public OAuth2AccessToken grant(String grantType, TokenRequest tokenRequest) { OAuth2AccessToken token = super.grant(grantType, tokenRequest); if (token != null) { DefaultOAuth2AccessToken norefresh = new DefaultOAuth2AccessToken(token); // The spec says that client credentials should not be allowed to get a refresh token if (!allowRefresh) { norefresh.setRefreshToken(null); } token = norefresh; } return token; }
@Override public OAuth2AccessToken grant(String grantType, TokenRequest tokenRequest) { //swap the client ID for the recipient //so that the rest of the flow continues as normal TokenRequest adjusted = new TokenRequest( tokenRequest.getRequestParameters(), tokenRequest.getRequestParameters().get(USER_TOKEN_REQUESTING_CLIENT_ID), tokenRequest.getScope(), tokenRequest.getGrantType() ); return super.grant(grantType, adjusted); }
@Override public OAuth2AccessToken grant(String grantType, TokenRequest tokenRequest) { TokenRequest adjusted = new TokenRequest(tokenRequest.getRequestParameters(), tokenRequest.getClientId(), tokenRequest.getScope(), tokenRequest.getGrantType()); return super.grant(grantType, adjusted); }
@Override public OAuth2AccessToken grant(String grantType, TokenRequest tokenRequest) { OAuth2AccessToken token = super.grant(grantType, tokenRequest); if (token != null) { DefaultOAuth2AccessToken norefresh = new DefaultOAuth2AccessToken(token); // The spec says that client credentials should not be allowed to get a refresh token if (!allowRefresh) { norefresh.setRefreshToken(null); } token = norefresh; } return token; }