}
}
token.setSubject(new UserSubject(sc.getUserPrincipal() == null
? null : sc.getUserPrincipal().getName(), roleNames));
AuthorizationInput input = new AuthorizationInput();
input.setToken(token);
Set<OAuthPermission> approvedScopesSet = new HashSet<OAuthPermission>();
List<OAuthPermission> originalScopes = token.getScopes();
for (OAuthPermission perm : originalScopes) {
String param = oAuthMessage.getParameter(perm.getPermission() + "_status");
if (param != null && OAuthConstants.AUTHORIZATION_DECISION_ALLOW.equals(param)) {
approvedScopesSet.add(perm);
}
}
List<OAuthPermission> approvedScopes = new LinkedList<OAuthPermission>(approvedScopesSet);
if (approvedScopes.isEmpty()) {
approvedScopes = originalScopes;
} else if (approvedScopes.size() < originalScopes.size()) {
for (OAuthPermission perm : originalScopes) {
if (perm.isDefault() && !approvedScopes.contains(perm)) {
approvedScopes.add(perm);
}
}
}
input.setApprovedScopes(approvedScopes);
String verifier = dataProvider.finalizeAuthorization(input);
queryParams.put(OAuth.OAUTH_VERIFIER, verifier);
} else {
dataProvider.removeToken(token);