From 21a9df97bbdc2f5398bdb081d6e7c021e77f7aec Mon Sep 17 00:00:00 2001 From: Janak Amarasena Date: Mon, 26 Jun 2017 18:37:01 +0530 Subject: [PATCH] Add proper handling when invalid token is received --- .../extensions/handlers/grant/AccessTokenGrantHandler.java | 2 ++ 1 file changed, 2 insertions(+) diff --git a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/grant/AccessTokenGrantHandler.java b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/grant/AccessTokenGrantHandler.java index 090a6f0f1b..b161c556e7 100644 --- a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/grant/AccessTokenGrantHandler.java +++ b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/grant/AccessTokenGrantHandler.java @@ -99,6 +99,8 @@ public class AccessTokenGrantHandler extends AbstractAuthorizationGrantHandler { username = response.getUserName(); userTenantDomain = MultitenantUtils.getTenantDomain(username); spTenantDomain = response.getTenantDomain(); + } else if (response != null && !response.isValid()) { + throw new IdentityOAuth2Exception("Authentication failed for the provided access token"); } }