Examples of org.restlet.ext.oauth.internal.Token

• org.restlet.ext.oauth.internal.Token
  Abstract Token that must be extended by all token implementations @author Kristoffer Gronowski @see UnlimitedToken @see ExpireToken

        } else {
            user = client.createUser(userId);
        }

        // TODO generate token and keep for a while.
        Token token = generator.generateToken(user, tokenTimeSec);
        StringBuilder location = new StringBuilder(redirURL);
        location.append("#access_token=").append(token.getToken());

        // TODO add expires
        appendState(location);

        // Sets the no-store Cache-Control header

            if (call.has("owner"))
                owner = call.getString("owner");

            getLogger().info(
                    "In Validator resource - searching for token = " + token);
            Token t = generator.findToken(token);

            if (t == null) {
                response.put("authenticated", authenticated);
                error = OAuthError.INVALID_TOKEN.name();
                // setStatus(Status.CLIENT_ERROR_FORBIDDEN);
            } else {
                getLogger().info("In Validator resource - got token = " + t);

                if (t instanceof ExpireToken) {
                    // check that the right token was used
                    ExpireToken et = (ExpireToken) t;

                    if (!token.equals(et.getToken())) {
                        error = OAuthError.INVALID_TOKEN.name();
                        getLogger().warning(
                                "Should not use the refresh_token to sign!");
                    }
                }

                // Todo do more fine grained scope comparison.
                getLogger().info("Received uri = " + uri);
                getLogger().info("Received scope = " + scopes);
                getLogger().info("Received owner = " + owner);

                AuthenticatedUser user = t.getUser();
                authenticated = (user == null) ? false : true;

                if (!authenticated) {
                    error = OAuthError.INVALID_REQUEST.name();
                }

        // sent to other entity
        // unauthorized_client, right now this is only performed if
        // ScopedResource getOwner returns the user

        // 5 min timeout on tokens, 0 for unlimited
        Token token = generator.exchangeForToken(code, tokenTimeSec);

        // TODO send back scopes if limited

        JSONObject body = createJsonToken(token, null);

            getLogger().info("Requested scopes none flow = " + roles);
            user.addRole(r, "");
            getLogger().info("Adding scope = " + r.getName() + " to auto user");
        }

        Token token = generator.generateToken(user, tokenTimeSec);
        JSONObject body = createJsonToken(token, null); // Scopes N/A

        // Sets the no-store Cache-Control header
        getResponse().setCacheDirectives(noStore);
        return new JsonStringRepresentation(body);

            setStatus(Status.CLIENT_ERROR_FORBIDDEN);
            return sendError(OAuthError.INVALID_GRANT, "Password not correct.",
                    null);
        }

        Token token = generator.generateToken(user, tokenTimeSec);
        JSONObject body = createJsonToken(token, null); // Scopes N/A

        // Sets the no-store Cache-Control header
        getResponse().setCacheDirectives(noStore);
        return new JsonStringRepresentation(body);

            setStatus(Status.CLIENT_ERROR_FORBIDDEN);
            return sendError(OAuthError.INVALID_CLIENT,
                    "Client id verification failed.", null);
        }

        Token token = generator.findToken(rToken);

        if (token != null && (token instanceof ExpireToken)) {
            AuthenticatedUser user = token.getUser();

            // Make sure that the user owning the token is owned by this client
            if (client.containsUser(user.getId())) {
                // refresh the token
                generator.refreshToken((ExpireToken) token);