@GET
public Response verifyToken(@HeaderParam(HttpHeaders.AUTHORIZATION)
String authorization, @QueryParam("access_token")
String accessToken) throws IOException {
BasicAuthCredentials credentials =
BasicAuthCredentials.createCredentialsFromHeader(authorization);
if (LOG.isDebugEnabled()) {
LOG.debug("Incoming verify-token request, access token: {}, credentials from authorization header: {}", accessToken, credentials);
}
ResourceServer resourceServer = getResourceServer(credentials);
if (resourceServer == null || !resourceServer.getSecret().equals(credentials.getPassword())) {
LOG.warn("For access token {}: Resource server not found for credentials {}. Responding with 401 in VerifyResource#verifyToken.", accessToken, credentials);
return unauthorized();
}
AccessToken token = accessTokenRepository.findByToken(accessToken);