@Test(expected = InvalidTokenException.class)
public void testRejectInvalidVerifier() throws Exception {
signerProvider.setSigningKey(alternateSignerKey);
signerProvider.setVerifierKey(alternateVerifierKey);
signerProvider.afterPropertiesSet();
endpoint.checkToken(accessToken.getValue());
}
@Test
public void testSwitchVerifierKey() throws Exception {
signerProvider.setSigningKey(alternateSignerKey);
signerProvider.setVerifierKey(alternateVerifierKey);
signerProvider.afterPropertiesSet();
OAuth2AccessToken alternateToken = tokenServices.createAccessToken(authentication);
endpoint.checkToken(alternateToken.getValue());
try {
endpoint.checkToken(accessToken.getValue());
fail();
} catch (InvalidTokenException x) {
}
}