From 21a9df97bbdc2f5398bdb081d6e7c021e77f7aec Mon Sep 17 00:00:00 2001
From: Janak Amarasena <janakamarasena@gmail.com>
Date: Mon, 26 Jun 2017 18:37:01 +0530
Subject: [PATCH] Add proper handling when invalid token is received

---
 .../extensions/handlers/grant/AccessTokenGrantHandler.java      | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/grant/AccessTokenGrantHandler.java b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/grant/AccessTokenGrantHandler.java
index 090a6f0f1b..b161c556e7 100644
--- a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/grant/AccessTokenGrantHandler.java
+++ b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/grant/AccessTokenGrantHandler.java
@@ -99,6 +99,8 @@ public class AccessTokenGrantHandler extends AbstractAuthorizationGrantHandler {
                     username = response.getUserName();
                     userTenantDomain = MultitenantUtils.getTenantDomain(username);
                     spTenantDomain = response.getTenantDomain();
+                } else if (response != null && !response.isValid()) {
+                    throw new IdentityOAuth2Exception("Authentication failed for the provided access token");
                 }
             }