private Response sendAuthorizationCodeResponse(AuthorizationRequest authReq) { String uri = authReq.getRedirectUri(); String authorizationCode = getAuthorizationCodeValue(); authReq.setAuthorizationCode(authorizationCode); authorizationRequestRepository.save(authReq); uri = uri + appendQueryMark(uri) + "code=" + authorizationCode + appendStateParameter(authReq); return Response.seeOther(UriBuilder.fromUri(uri).build()) .cacheControl(cacheControlNoStore()) .header("Pragma", "no-cache") .build(); }
private Response sendImplicitGrantResponse( AuthorizationRequest authReq, AccessToken accessToken) { String uri = authReq.getRedirectUri(); String fragment = String.format( "access_token=%s&token_type=bearer&expires_in=%s&scope=%s", accessToken.getToken(), accessToken.getExpiresIn(), StringUtils.join(authReq.getGrantedScopes(), ',')) + appendStateParameter(authReq); if (authReq.getClient().isIncludePrincipal()) { fragment += String.format("&principal=%s", authReq.getPrincipal().getDisplayName()); } return Response.seeOther(UriBuilder.fromUri(uri).fragment(fragment).build()) .cacheControl(cacheControlNoStore()) .header("Pragma", "no-cache") .build(); }