if (atConsumer == null || !consumerKey.equals(atConsumer.getKey())) {
throw newUnauthorizedException();
}
nonceKey = "t:" + token;
secrets.tokenSecret(accessToken.getSecret());
sc = new OAuthSecurityContext(accessToken, request.isSecure());
}
if (!verifySignature(osr, params, secrets)) {
throw newUnauthorizedException();