@Before
  public void setUp() {
    mockUserDatabase(userId, user);
    authorizationRequest = new AuthorizationRequest("client", Collections.singleton("read"));
    authorizationRequest.setResourceIds(new HashSet<>(Arrays.asList("client", "scim")));
    Map<String, String> requestParameters = new HashMap<>();
    authorizationRequest.setRequestParameters(requestParameters);
    authentication =
        new OAuth2Authentication(
            authorizationRequest.createOAuth2Request(),
            UaaAuthenticationTestFactory.getAuthentication(userId, userName, "*****@*****.**"));

    signerProvider = new SignerProvider();
    signerProvider.setSigningKey(signerKey);
    signerProvider.setVerifierKey(verifierKey);
    tokenServices.setSignerProvider(signerProvider);
    endpoint.setTokenServices(tokenServices);
    Date oneSecondAgo = new Date(System.currentTimeMillis() - 1000);
    Date thirtySecondsAhead = new Date(System.currentTimeMillis() + 30000);

    approvalStore.addApproval(
        new Approval(
            userId, "client", "read", thirtySecondsAhead, ApprovalStatus.APPROVED, oneSecondAgo));
    approvalStore.addApproval(
        new Approval(
            userId, "client", "write", thirtySecondsAhead, ApprovalStatus.APPROVED, oneSecondAgo));
    tokenServices.setApprovalStore(approvalStore);

    clientDetailsService.setClientDetailsStore(clientDetailsStore);
    tokenServices.setClientDetailsService(clientDetailsService);

    accessToken = tokenServices.createAccessToken(authentication);
  }
 @Test(expected = InvalidTokenException.class)
 public void testExpiredApprovals() {
   approvalStore.revokeApproval(
       new Approval(userId, "client", "read", new Date(), ApprovalStatus.APPROVED, new Date()));
   approvalStore.addApproval(
       new Approval(userId, "client", "read", new Date(), ApprovalStatus.APPROVED, new Date()));
   Map<String, ?> result = endpoint.checkToken(accessToken.getValue());
   assertEquals(null, result.get("client_authorities"));
 }
 @Test(expected = InvalidTokenException.class)
 public void testDeniedApprovals() {
   Date oneSecondAgo = new Date(System.currentTimeMillis() - 1000);
   Date thirtySecondsAhead = new Date(System.currentTimeMillis() + 30000);
   approvalStore.revokeApproval(
       new Approval(
           userId, "client", "read", thirtySecondsAhead, ApprovalStatus.APPROVED, oneSecondAgo));
   approvalStore.addApproval(
       new Approval(
           userId, "client", "read", thirtySecondsAhead, ApprovalStatus.DENIED, oneSecondAgo));
   Map<String, ?> result = endpoint.checkToken(accessToken.getValue());
   assertEquals(null, result.get("client_authorities"));
 }