@Test
  public void verifyExpiredAccessToken() throws Exception {
    final Principal principal =
        org.jasig.cas.authentication.TestUtils.getPrincipal(ID, new HashMap<String, Object>());
    final Authentication authentication = new OAuthAuthentication(ZonedDateTime.now(), principal);
    final DefaultAccessTokenFactory expiringAccessTokenFactory = new DefaultAccessTokenFactory();
    expiringAccessTokenFactory.setExpirationPolicy(
        new ExpirationPolicy() {
          @Override
          public boolean isExpired(final TicketState ticketState) {
            return true;
          }
        });
    final AccessTokenImpl accessToken =
        (AccessTokenImpl) expiringAccessTokenFactory.create(TestUtils.getService(), authentication);
    oAuth20ProfileController.getTicketRegistry().addTicket(accessToken);

    final MockHttpServletRequest mockRequest =
        new MockHttpServletRequest("GET", CONTEXT + OAuthConstants.PROFILE_URL);
    mockRequest.setParameter(OAuthConstants.ACCESS_TOKEN, accessToken.getId());
    final MockHttpServletResponse mockResponse = new MockHttpServletResponse();
    oAuth20ProfileController.handleRequest(mockRequest, mockResponse);
    assertEquals(200, mockResponse.getStatus());
    assertEquals(
        "{\"error\":\"" + OAuthConstants.EXPIRED_ACCESS_TOKEN + "\"}",
        mockResponse.getContentAsString());
  }
  @Test
  public void verifyOKWithAuthorizationHeader() throws Exception {
    final Map<String, Object> map = new HashMap<>();
    map.put(NAME, VALUE);
    final List<String> list = Arrays.asList(VALUE, VALUE);
    map.put(NAME2, list);

    final Principal principal = org.jasig.cas.authentication.TestUtils.getPrincipal(ID, map);
    final Authentication authentication = new OAuthAuthentication(ZonedDateTime.now(), principal);
    final AccessTokenImpl accessToken =
        (AccessTokenImpl) accessTokenFactory.create(TestUtils.getService(), authentication);
    oAuth20ProfileController.getTicketRegistry().addTicket(accessToken);

    final MockHttpServletRequest mockRequest =
        new MockHttpServletRequest("GET", CONTEXT + OAuthConstants.PROFILE_URL);
    mockRequest.addHeader("Authorization", OAuthConstants.BEARER_TOKEN + ' ' + accessToken.getId());
    final MockHttpServletResponse mockResponse = new MockHttpServletResponse();
    oAuth20ProfileController.handleRequest(mockRequest, mockResponse);
    assertEquals(200, mockResponse.getStatus());
    assertEquals(CONTENT_TYPE, mockResponse.getContentType());

    final ObjectMapper mapper = new ObjectMapper();

    final String expected =
        "{\"id\":\""
            + ID
            + "\",\"attributes\":[{\""
            + NAME
            + "\":\""
            + VALUE
            + "\"},{\""
            + NAME2
            + "\":[\""
            + VALUE
            + "\",\""
            + VALUE
            + "\"]}]}";
    final JsonNode expectedObj = mapper.readTree(expected);
    final JsonNode receivedObj = mapper.readTree(mockResponse.getContentAsString());
    assertEquals(expectedObj.get("id").asText(), receivedObj.get("id").asText());

    final JsonNode expectedAttributes = expectedObj.get("attributes");
    final JsonNode receivedAttributes = receivedObj.get("attributes");

    assertEquals(
        expectedAttributes.findValue(NAME).asText(), receivedAttributes.findValue(NAME).asText());
    assertEquals(expectedAttributes.findValues(NAME2), receivedAttributes.findValues(NAME2));
  }