@Override public RequestSecurityTokenResponseType renew(String tenantName, Request req) { assert tenantName != null; assert req != null; STS sts = stsFactory.getSTS(tenantName); try { return sts.renew(req); } catch (InvalidSignatureException e) { throw new InvalidCredentialsException(e.getMessage(), e); } }