private AuthorizationRequest clientCredentialToken(AccessTokenRequest accessTokenRequest) {
AuthorizationRequest request = new AuthorizationRequest();
request.setClient(accessTokenRequest.getClient());
// We have to construct a AuthenticatedPrincipal on-the-fly as there is only key-secret
// authentication
request.setPrincipal(new AuthenticatedPrincipal(request.getClient().getClientId()));
// Get scopes (either from request or the client's default set)
request.setGrantedScopes(accessTokenRequest.getScopeList());
return request;
}
private AuthorizationRequest refreshTokenToken(AccessTokenRequest accessTokenRequest) {
AccessToken accessToken =
accessTokenRepository.findByRefreshToken(accessTokenRequest.getRefreshToken());
if (accessToken == null) {
throw new ValidationResponseException(ValidationResponse.INVALID_GRANT_REFRESH_TOKEN);
}
AuthorizationRequest request = new AuthorizationRequest();
request.setClient(accessToken.getClient());
request.setPrincipal(accessToken.getPrincipal());
request.setGrantedScopes(accessToken.getScopes());
accessTokenRepository.delete(accessToken);
return request;
}
private AuthorizationRequest passwordToken(AccessTokenRequest accessTokenRequest) {
// Authenticate the resource owner
AuthenticatedPrincipal principal =
resourceOwnerAuthenticator.authenticate(
accessTokenRequest.getUsername(), accessTokenRequest.getPassword());
if (principal == null) {
throw new ValidationResponseException(ValidationResponse.INVALID_GRANT_PASSWORD);
}
AuthorizationRequest request = new AuthorizationRequest();
request.setClient(accessTokenRequest.getClient());
request.setPrincipal(principal);
request.setGrantedScopes(accessTokenRequest.getScopeList());
return request;
}
