private Response sendAuthorizationCodeResponse(AuthorizationRequest authReq) {
String uri = authReq.getRedirectUri();
String authorizationCode = getAuthorizationCodeValue();
authReq.setAuthorizationCode(authorizationCode);
authorizationRequestRepository.save(authReq);
uri = uri + appendQueryMark(uri) + "code=" + authorizationCode + appendStateParameter(authReq);
return Response.seeOther(UriBuilder.fromUri(uri).build())
.cacheControl(cacheControlNoStore())
.header("Pragma", "no-cache")
.build();
}
private Response sendImplicitGrantResponse(
AuthorizationRequest authReq, AccessToken accessToken) {
String uri = authReq.getRedirectUri();
String fragment =
String.format(
"access_token=%s&token_type=bearer&expires_in=%s&scope=%s",
accessToken.getToken(),
accessToken.getExpiresIn(),
StringUtils.join(authReq.getGrantedScopes(), ','))
+ appendStateParameter(authReq);
if (authReq.getClient().isIncludePrincipal()) {
fragment += String.format("&principal=%s", authReq.getPrincipal().getDisplayName());
}
return Response.seeOther(UriBuilder.fromUri(uri).fragment(fragment).build())
.cacheControl(cacheControlNoStore())
.header("Pragma", "no-cache")
.build();
}