}
@RequestMapping(value = "/access/{id}", method = RequestMethod.DELETE, produces = "application/json")
public String deleteAccessTokenById(@PathVariable("id") Long id, ModelMap m, Principal p) {
OAuth2AccessTokenEntity token = tokenService.getAccessTokenById(id);
if (token == null) {
logger.error("getToken failed; token not found: " + id);
m.put("code", HttpStatus.NOT_FOUND);
m.put("errorMessage", "The requested token with id " + id + " could not be found.");
return JsonErrorView.VIEWNAME;
} else if (!token.getAuthenticationHolder().getAuthentication().getName().equals(p.getName())) {
logger.error("getToken failed; token does not belong to principal " + p.getName());
m.put("code", HttpStatus.FORBIDDEN);
m.put("errorMessage", "You do not have permission to view this token");
return JsonErrorView.VIEWNAME;
} else {