Add proper handling when invalid token is received

2025-10-06 02:01:45 +00:00 · 2017-06-26 18:37:01 +05:30 · 2017-06-26 18:37:01 +05:30 · 21a9df97bb
commit 21a9df97bb
parent e23ef52e61
1 changed files with 2 additions and 0 deletions
--- a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/grant/AccessTokenGrantHandler.java
+++ b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/grant/AccessTokenGrantHandler.java
@ -99,6 +99,8 @@ public class AccessTokenGrantHandler extends AbstractAuthorizationGrantHandler {
                    username = response.getUserName();
                    userTenantDomain = MultitenantUtils.getTenantDomain(username);
                    spTenantDomain = response.getTenantDomain();
+                } else if (response != null && !response.isValid()) {
+                    throw new IdentityOAuth2Exception("Authentication failed for the provided access token");
                }
            }