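/**
 * Checks the presented token against the requested endpoint and records the result in
 * {@code isAuthorized}.
 *
 * <p>{@code isAuthorized} is reset to {@code false} first and only set to {@code true} once the
 * grant scope has been matched against the endpoint resolved for the request, so any exception
 * thrown along the way leaves the request unauthorized.
 *
 * <p>When the grant has no refresh token and the token is close to expiring, the auth service is
 * asked to extend the expiry and the new remaining time is returned to the client in a response
 * header.
 *
 * @param tokenGrantInfo grant details for the access token presented with the request
 * @param request the incoming request, used to resolve the protected endpoint
 * @param response the outgoing response; may be {@code null}, in which case no expiry extension
 *     is requested
 * @throws OAuthProblemException with {@code INSUFFICIENT_SCOPE} when the grant scope does not
 *     match the requested endpoint; presumably also propagated from
 *     {@code checkTokenCurrentAndNotExpired} (not visible here; confirm)
 */
private void setAuthorization(
    TokenGrantInfo tokenGrantInfo, HttpServletRequest request, HttpServletResponse response)
    throws OAuthProblemException {
  // Fail closed: start from "not authorized" so an early exit can never leave a stale true.
  // NOTE(review): isAuthorized is instance state. If this object is shared between requests,
  // confirm that access to it is confined to one request at a time.
  isAuthorized = false;
  checkTokenCurrentAndNotExpired(tokenGrantInfo);

  OAuth2RSEndpoint requestEndpoint = findEndpointForRequest(request);
  if (!grantScopeMatchesRequest(tokenGrantInfo, requestEndpoint)) {
    log.info("Could not find grant scope matching request");
    throw OAuthProblemException.error(OAuthError.ResourceResponse.INSUFFICIENT_SCOPE);
  }

  // The access token is a bearer credential: anyone who can read the log could replay it.
  // Log the event only, never the token value.
  log.info("Verified access token");
  isAuthorized = true;

  // Clients without a refresh token cannot renew on their own, so the expiry is pushed out
  // for them when the token is within the threshold time of expiring.
  // NOTE(review): this makes the lifetime sliding for as long as the token keeps being used;
  // confirm that authService enforces an absolute maximum lifetime.
  boolean shouldExtendExpiry =
      !tokenGrantInfo.getHasRefreshToken()
          && tokenCloseToExpiring(tokenGrantInfo)
          && response != null;
  if (!shouldExtendExpiry) {
    return;
  }

  log.info("Requesting token expiry time be extended");
  Optional<AccessTokenExpiryInfo> newExpiryInfo =
      authService.extendAccessTokenExpirySeconds(tokenGrantInfo.getAccessToken());
  if (newExpiryInfo.isPresent()) {
    String accessTimeRemaining = newExpiryInfo.get().getAccessTokenTimeRemaining();
    Map<String, Object> entries = Maps.newHashMap();
    entries.put(OAuth.OAUTH_EXPIRES_IN, accessTimeRemaining);
    log.info("Token will now expire in " + accessTimeRemaining + " seconds");
    // Only the remaining lifetime is sent back; the token value is not echoed to the client.
    response.setHeader(OAuth.HeaderType.AUTHORIZATION, OAuthUtils.encodeOAuthHeader(entries));
  }
}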