@Post("json") public Representation authenticate(Representation input) throws Exception { getLogger().fine("In Authenticate resource"); if (isLocalAcessOnly()) { // Check that protocol = RIAP String scheme = getOriginalRef().getScheme(); if (!Protocol.RIAP.getSchemeName().equals(scheme)) { throw new ResourceException( Status.CLIENT_ERROR_BAD_REQUEST, "Auth server only allows local resource validation"); } } JSONObject call = new JsonRepresentation(input).getJsonObject(); if (!call.has(TOKEN_TYPE)) { throw new OAuthException(OAuthError.invalid_request, "No token_type", null); } String tokenType = call.getString(TOKEN_TYPE); final Token token; if (tokenType.equals(OAuthServerResource.TOKEN_TYPE_BEARER)) { token = tokens.validateToken(call.get(ACCESS_TOKEN).toString()); } /* * else if (tokenType.equals(OAuthServerResource.TOKEN_TYPE_MAC)) { // * TODO } */ else { throw new OAuthException(OAuthError.invalid_request, "Unsupported token_type", null); } JSONObject resp = new JSONObject(); resp.put(USERNAME, ((ServerToken) token).getUsername()); resp.put(SCOPE, Scopes.toString(token.getScope())); return new JsonRepresentation(resp); }