private static String tokenizeCodeGrant(ServerAuthorizationCodeGrant grant) { StringBuilder state = new StringBuilder(); // 0: client id state.append(grant.getClient().getClientId()); state.append(SEP); // 1: code state.append(tokenizeString(grant.getCode())); state.append(SEP); // 2: expiresIn state.append(grant.getExpiresIn()); state.append(SEP); // 3: issuedAt state.append(grant.getIssuedAt()); state.append(SEP); // 4: redirect URI state.append(tokenizeString(grant.getRedirectUri())); state.append(SEP); // 5: audience state.append(tokenizeString(grant.getAudience())); state.append(SEP); // 6: code verifier state.append(tokenizeString(grant.getClientCodeVerifier())); state.append(SEP); // 7: approved scopes state.append(grant.getApprovedScopes().toString()); state.append(SEP); // 8: subject tokenizeUserSubject(state, grant.getSubject()); return state.toString(); }