}
@RequestMapping(value = "/refresh/{id}", method = RequestMethod.DELETE, produces = "application/json")
public String deleteRefreshTokenById(@PathVariable("id") Long id, ModelMap m, Principal p) {
OAuth2RefreshTokenEntity token = tokenService.getRefreshTokenById(id);
if (token == null) {
logger.error("refresh token not found: " + id);
m.put("code", HttpStatus.NOT_FOUND);
m.put("errorMessage", "The requested token with id " + id + " could not be found.");
return JsonErrorView.VIEWNAME;
} else if (!token.getAuthenticationHolder().getAuthentication().getName().equals(p.getName())) {
logger.error("refresh token " + id + " does not belong to principal " + p.getName());
m.put("code", HttpStatus.FORBIDDEN);
m.put("errorMessage", "You do not have permission to view this token");
return JsonErrorView.VIEWNAME;
} else {