4 년 전 · 4157302d22
--- a/maxkey-lib/mybatis-jpa-extra-2.3.jar
+++ b/maxkey-lib/mybatis-jpa-extra-2.3.jar
--- a/maxkey-lib/mybatis-jpa-extra-spring-boot-starter-2.3.jar
+++ b/maxkey-lib/mybatis-jpa-extra-spring-boot-starter-2.3.jar
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/common/OAuth2Constants.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/common/OAuth2Constants.java
@@ -39,6 +39,12 @@ public class OAuth2Constants {
 
				 
			
 
				 		public static final String CODE = "code";
			
 
				 		
			
 
				+		
			
 
				+		
			
 
				+		public static final String TOKEN = "token";
			
 
				+		
			
 
				+		public static final String TOKEN_TYPE = "token_type";
			
 
				+		
			
 
				 		public static final String EXPIRES_IN = "expires_in";
			
 
				 		
			
 
				 		/**
			
@@ -65,8 +71,16 @@ public class OAuth2Constants {
 
				 		 * Constant to use while parsing and formatting parameter maps for OAuth2 requests
			
 
				 		 */
			
 
				 		public static final String GRANT_TYPE = "grant_type";
			
 
				+		public static final String GRANT_TYPE_CODE = "code";
			
 
				+		public static final String GRANT_TYPE_PASSWORD = "password";
			
 
				+		public static final String GRANT_TYPE_IMPLICIT = "implicit";
			
 
				+		public static final String GRANT_TYPE_AUTHORIZATION_CODE = "authorization_code";
			
 
				+		public static final String GRANT_TYPE_CLIENT_CREDENTIALS = "client_credentials";
			
 
				+		
			
 
				 		
			
 
				 		public static final String ACCESS_TOKEN = "access_token";
			
 
				+		
			
 
				+		public static final String APPROVAL_PROMPT = "approval_prompt";
			
 
				 	}
			
 
				 	
			
 
				 	public static class ENDPOINT{
			
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/approval/controller/OAuth20AccessConfirmationController.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/approval/controller/OAuth20AccessConfirmationController.java
@@ -15,13 +15,11 @@
 
				  */
			
 
				  
			
 
				 
			
 
				-package org.maxkey.authz.oauth2.provider.approval.controller;
			
 
				+package org.maxkey.authz.oauth2.provider.approval.endpoint;
			
 
				 
			
 
				-import java.util.HashMap;
			
 
				 import java.util.LinkedHashMap;
			
 
				 import java.util.Map;
			
 
				 import org.maxkey.authn.SigninPrincipal;
			
 
				-import org.maxkey.authz.endpoint.AuthorizeBaseEndpoint;
			
 
				 import org.maxkey.authz.oauth2.common.OAuth2Constants;
			
 
				 import org.maxkey.authz.oauth2.common.util.OAuth2Utils;
			
 
				 import org.maxkey.authz.oauth2.provider.AuthorizationRequest;
			
@@ -34,6 +32,8 @@ import org.maxkey.authz.oauth2.provider.approval.ApprovalStore;
 
				 import org.maxkey.persistence.service.AppsService;
			
 
				 import org.maxkey.web.WebConstants;
			
 
				 import org.maxkey.web.WebContext;
			
 
				+import org.slf4j.Logger;
			
 
				+import org.slf4j.LoggerFactory;
			
 
				 import org.springframework.beans.factory.annotation.Autowired;
			
 
				 import org.springframework.beans.factory.annotation.Qualifier;
			
 
				 import org.springframework.stereotype.Controller;
			
@@ -50,8 +50,9 @@ import org.springframework.web.servlet.ModelAndView;
 
				  */
			
 
				 @Controller
			
 
				 @SessionAttributes("authorizationRequest")
			
 
				-public class OAuth20AccessConfirmationController {
			
 
				-
			
 
				+public class OAuth20AccessConfirmationEndpoint {
			
 
				+	static final Logger _logger = LoggerFactory.getLogger(OAuth20AccessConfirmationEndpoint.class);
			
 
				+	 
			
 
				     @Autowired
			
 
				     @Qualifier("appsService")
			
 
				     protected AppsService appsService;
			
@@ -78,10 +79,6 @@ public class OAuth20AccessConfirmationController {
 
				     public ModelAndView getAccessConfirmation(
			
 
				             @RequestParam Map<String, Object> model) throws Exception {
			
 
				         model.remove("authorizationRequest");
			
 
				-        Map<String, String> modelRequest = new HashMap<String, String>();
			
 
				-        for (Object key : model.keySet()) {
			
 
				-            modelRequest.put(key.toString(), model.get(key).toString());
			
 
				-        }
			
 
				         
			
 
				         // Map<String, Object> model
			
 
				         AuthorizationRequest clientAuth = 
			
@@ -111,9 +108,18 @@ public class OAuth20AccessConfirmationController {
 
				                         approval.getStatus() == ApprovalStatus.APPROVED ? "true" : "false");
			
 
				             }
			
 
				         }
			
 
				+        
			
 
				         model.put("scopes", scopes);
			
 
				 
			
 
				+        if(!model.containsKey(OAuth2Constants.PARAMETER.APPROVAL_PROMPT)) {
			
 
				+        	model.put(OAuth2Constants.PARAMETER.APPROVAL_PROMPT, client.getApprovalPrompt());
			
 
				+        }
			
 
				+        
			
 
				         ModelAndView modelAndView = new ModelAndView("authorize/oauth_access_confirmation");
			
 
				+        _logger.debug("Confirmation details ");
			
 
				+        for (Object key : model.keySet()) {
			
 
				+            _logger.debug("key " + key +"=" + model.get(key));
			
 
				+        }
			
 
				         modelAndView.addObject("model", model);
			
 
				         return modelAndView;
			
 
				     }
			
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/approval/controller/OAuth20UserApprovalHandler.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/approval/controller/OAuth20UserApprovalHandler.java
@@ -14,7 +14,7 @@
 
				  * limitations under the License.
			
 
				  */
			
 
				 
			
 
				-package org.maxkey.authz.oauth2.provider.approval.controller;
			
 
				+package org.maxkey.authz.oauth2.provider.approval.endpoint;
			
 
				 
			
 
				 import java.util.Collection;
			
 
				 
			
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/AuthorizationEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/AuthorizationEndpoint.java
@@ -20,10 +20,8 @@ import java.util.HashMap;
 
				 import java.util.LinkedHashMap;
			
 
				 import java.util.Map;
			
 
				 import java.util.Set;
			
 
				-
			
 
				 import javax.servlet.http.HttpServletRequest;
			
 
				 import javax.servlet.http.HttpServletResponse;
			
 
				-
			
 
				 import org.maxkey.authz.oauth2.common.OAuth2AccessToken;
			
 
				 import org.maxkey.authz.oauth2.common.OAuth2Constants;
			
 
				 import org.maxkey.authz.oauth2.common.exceptions.InvalidClientException;
			
@@ -62,8 +60,6 @@ import org.springframework.web.bind.annotation.RequestMapping;
 
				 import org.springframework.web.bind.annotation.RequestMethod;
			
 
				 import org.springframework.web.bind.annotation.RequestParam;
			
 
				 import org.springframework.web.bind.annotation.SessionAttributes;
			
 
				-import org.springframework.web.bind.support.DefaultSessionAttributeStore;
			
 
				-import org.springframework.web.bind.support.SessionAttributeStore;
			
 
				 import org.springframework.web.bind.support.SessionStatus;
			
 
				 import org.springframework.web.servlet.ModelAndView;
			
 
				 import org.springframework.web.servlet.View;
			
@@ -71,10 +67,8 @@ import org.springframework.web.servlet.view.RedirectView;
 
				 import org.springframework.web.util.UriComponents;
			
 
				 import org.springframework.web.util.UriComponentsBuilder;
			
 
				 import org.springframework.web.util.UriTemplate;
			
 
				-
			
 
				 import io.swagger.annotations.Api;
			
 
				 import io.swagger.annotations.ApiOperation;
			
 
				-
			
 
				 import org.maxkey.authz.oauth2.provider.ClientDetailsService;
			
 
				 
			
 
				 /**
			
@@ -114,8 +108,6 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
 
				 
			
 
				 	private UserApprovalHandler userApprovalHandler = new DefaultUserApprovalHandler();
			
 
				 
			
 
				-	private SessionAttributeStore sessionAttributeStore = new DefaultSessionAttributeStore();
			
 
				-
			
 
				 	private OAuth2RequestValidator oauth2RequestValidator = new DefaultOAuth2RequestValidator();
			
 
				 
			
 
				 	private String userApprovalPage = "forward:" + OAuth2Constants.ENDPOINT.ENDPOINT_APPROVAL_CONFIRM;
			
@@ -124,9 +116,6 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
 
				 	
			
 
				 	private Object implicitLock = new Object();
			
 
				 
			
 
				-	public void setSessionAttributeStore(SessionAttributeStore sessionAttributeStore) {
			
 
				-		this.sessionAttributeStore = sessionAttributeStore;
			
 
				-	}
			
 
				 
			
 
				 	public void setErrorPage(String errorPage) {
			
 
				 		this.errorPage = errorPage;
			
@@ -144,7 +133,7 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
 
				 
			
 
				 		Set<String> responseTypes = authorizationRequest.getResponseTypes();
			
 
				 
			
 
				-		if (!responseTypes.contains("token") && !responseTypes.contains("code")) {
			
 
				+		if (!responseTypes.contains(OAuth2Constants.PARAMETER.TOKEN) && !responseTypes.contains(OAuth2Constants.PARAMETER.CODE)) {
			
 
				 			throw new UnsupportedResponseTypeException("Unsupported response types: " + responseTypes);
			
 
				 		}
			
 
				 
			
@@ -188,10 +177,10 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
 
				 
			
 
				 			// Validation is all done, so we can check for auto approval...
			
 
				 			if (authorizationRequest.isApproved()) {
			
 
				-				if (responseTypes.contains("token")) {
			
 
				+				if (responseTypes.contains(OAuth2Constants.PARAMETER.TOKEN)) {
			
 
				 					return getImplicitGrantResponse(authorizationRequest);
			
 
				 				}
			
 
				-				if (responseTypes.contains("code")) {
			
 
				+				if (responseTypes.contains(OAuth2Constants.PARAMETER.CODE)) {
			
 
				 					return new ModelAndView(getAuthorizationCodeResponse(authorizationRequest,
			
 
				 							(Authentication) principal));
			
 
				 				}
			
@@ -245,11 +234,11 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
 
				 
			
 
				 			if (!authorizationRequest.isApproved()) {
			
 
				 				return new RedirectView(getUnsuccessfulRedirect(authorizationRequest,
			
 
				-						new UserDeniedAuthorizationException("User denied access"), responseTypes.contains("token")),
			
 
				+						new UserDeniedAuthorizationException("User denied access"), responseTypes.contains(OAuth2Constants.PARAMETER.TOKEN)),
			
 
				 						false, true, false);
			
 
				 			}
			
 
				 
			
 
				-			if (responseTypes.contains("token")) {
			
 
				+			if (responseTypes.contains(OAuth2Constants.PARAMETER.TOKEN)) {
			
 
				 				return getImplicitGrantResponse(authorizationRequest).getView();
			
 
				 			}
			
 
				 
			
@@ -326,26 +315,26 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
 
				 			url.append("#");
			
 
				 		}
			
 
				 
			
 
				-		url.append("access_token={access_token}");
			
 
				-		url.append("&token_type={token_type}");
			
 
				-		vars.put("access_token", accessToken.getValue());
			
 
				-		vars.put("token_type", accessToken.getTokenType());
			
 
				+		url.append(templateUrlVar(OAuth2Constants.PARAMETER.ACCESS_TOKEN));
			
 
				+		url.append("&").append(templateUrlVar(OAuth2Constants.PARAMETER.TOKEN_TYPE));
			
 
				+		vars.put(OAuth2Constants.PARAMETER.ACCESS_TOKEN, accessToken.getValue());
			
 
				+		vars.put(OAuth2Constants.PARAMETER.TOKEN_TYPE, accessToken.getTokenType());
			
 
				 		String state = authorizationRequest.getState();
			
 
				 
			
 
				 		if (state != null) {
			
 
				-			url.append("&state={state}");
			
 
				-			vars.put("state", state);
			
 
				+			url.append("&").append(templateUrlVar(OAuth2Constants.PARAMETER.STATE));
			
 
				+			vars.put(OAuth2Constants.PARAMETER.STATE, state);
			
 
				 		}
			
 
				 		Date expiration = accessToken.getExpiration();
			
 
				 		if (expiration != null) {
			
 
				 			long expires_in = (expiration.getTime() - System.currentTimeMillis()) / 1000;
			
 
				-			url.append("&expires_in={expires_in}");
			
 
				-			vars.put("expires_in", expires_in);
			
 
				+			url.append("&").append(templateUrlVar(OAuth2Constants.PARAMETER.EXPIRES_IN));
			
 
				+			vars.put(OAuth2Constants.PARAMETER.EXPIRES_IN, expires_in);
			
 
				 		}
			
 
				 		String originalScope = authorizationRequest.getRequestParameters().get(OAuth2Utils.SCOPE);
			
 
				 		if (originalScope == null || !OAuth2Utils.parseParameterList(originalScope).equals(accessToken.getScope())) {
			
 
				-			url.append("&" + OAuth2Utils.SCOPE + "={scope}");
			
 
				-			vars.put("scope", OAuth2Utils.formatParameterList(accessToken.getScope()));
			
 
				+			url.append("&").append(templateUrlVar(OAuth2Constants.PARAMETER.SCOPE));
			
 
				+			vars.put(OAuth2Constants.PARAMETER.SCOPE, OAuth2Utils.formatParameterList(accessToken.getScope()));
			
 
				 		}
			
 
				 		Map<String, Object> additionalInformation = accessToken.getAdditionalInformation();
			
 
				 		for (String key : additionalInformation.keySet()) {
			
@@ -359,6 +348,10 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
 
				 		// Do not include the refresh token (even if there is one)
			
 
				 		return template.expand(vars).toString();
			
 
				 	}
			
 
				+	
			
 
				+	public String templateUrlVar(String parameterName) {
			
 
				+		return parameterName + "={" + parameterName + "}";
			
 
				+	}
			
 
				 
			
 
				 	private String generateCode(AuthorizationRequest authorizationRequest, Authentication authentication)
			
 
				 			throws AuthenticationException {
			
@@ -376,7 +369,7 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
 
				 		catch (OAuth2Exception e) {
			
 
				 
			
 
				 			if (authorizationRequest.getState() != null) {
			
 
				-				e.addAdditionalInformation("state", authorizationRequest.getState());
			
 
				+				e.addAdditionalInformation(OAuth2Constants.PARAMETER.STATE, authorizationRequest.getState());
			
 
				 			}
			
 
				 
			
 
				 			throw e;
			
@@ -391,11 +384,11 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
 
				 		}
			
 
				 
			
 
				 		Map<String, String> query = new LinkedHashMap<String, String>();
			
 
				-		query.put("code", authorizationCode);
			
 
				+		query.put(OAuth2Constants.PARAMETER.CODE, authorizationCode);
			
 
				 
			
 
				 		String state = authorizationRequest.getState();
			
 
				 		if (state != null) {
			
 
				-			query.put("state", state);
			
 
				+			query.put(OAuth2Constants.PARAMETER.STATE, state);
			
 
				 		}
			
 
				 		
			
 
				 		//this is for cas
			
@@ -421,7 +414,7 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
 
				 		query.put("error_description", failure.getMessage());
			
 
				 
			
 
				 		if (authorizationRequest.getState() != null) {
			
 
				-			query.put("state", authorizationRequest.getState());
			
 
				+			query.put(OAuth2Constants.PARAMETER.STATE, authorizationRequest.getState());
			
 
				 		}
			
 
				 
			
 
				 		if (failure.getAdditionalInformation() != null) {
			
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/CheckTokenEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/CheckTokenEndpoint.java
@@ -84,7 +84,7 @@ public class CheckTokenEndpoint {
 
				 	@ApiOperation(value = "OAuth 2.0 token检查接口", notes = "传递参数token",httpMethod="POST")
			
 
				 	@RequestMapping(value = OAuth2Constants.ENDPOINT.ENDPOINT_CHECK_TOKEN)
			
 
				 	@ResponseBody
			
 
				-	public Map<String, ?> checkToken(@RequestParam("token") String value) {
			
 
				+	public Map<String, ?> checkToken(@RequestParam(OAuth2Constants.PARAMETER.TOKEN) String value) {
			
 
				 
			
 
				 		OAuth2AccessToken token = resourceServerTokenServices.readAccessToken(value);
			
 
				 		if (token == null) {
			
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpoint.java
@@ -133,7 +133,7 @@ public class TokenEndpoint extends AbstractEndpoint {
 
				 			if (!StringUtils.hasText(tokenRequest.getGrantType())) {
			
 
				 				throw new InvalidRequestException("Missing grant type");
			
 
				 			}
			
 
				-			if (tokenRequest.getGrantType().equals("implicit")) {
			
 
				+			if (tokenRequest.getGrantType().equals(OAuth2Constants.PARAMETER.GRANT_TYPE_IMPLICIT)) {
			
 
				 				throw new InvalidGrantException("Implicit grant type not supported from token endpoint");
			
 
				 			}
			
 
				 	
			
@@ -150,7 +150,8 @@ public class TokenEndpoint extends AbstractEndpoint {
 
				 			/**crystal.sea
			
 
				 			 * code must uuid format
			
 
				 			 */
			
 
				-			 if (parameters.get("code") != null &&!StringGenerator.uuidMatches(parameters.get("code"))) {
			
 
				+			 if (parameters.get(OAuth2Constants.PARAMETER.CODE) != null 
			
 
				+					 &&!StringGenerator.uuidMatches(parameters.get(OAuth2Constants.PARAMETER.CODE))) {
			
 
				 			    	throw new InvalidRequestException("The code is not valid format .");
			
 
				 			}
			
 
				 			 
			
@@ -221,11 +222,11 @@ public class TokenEndpoint extends AbstractEndpoint {
 
				 	}
			
 
				 
			
 
				 	private boolean isRefreshTokenRequest(Map<String, String> parameters) {
			
 
				-		return "refresh_token".equals(parameters.get("grant_type")) && parameters.get("refresh_token") != null;
			
 
				+		return "refresh_token".equals(parameters.get(OAuth2Constants.PARAMETER.GRANT_TYPE)) && parameters.get("refresh_token") != null;
			
 
				 	}
			
 
				 
			
 
				 	private boolean isAuthCodeRequest(Map<String, String> parameters) {
			
 
				-		return "authorization_code".equals(parameters.get("grant_type")) && parameters.get("code") != null;
			
 
				+		return "authorization_code".equals(parameters.get(OAuth2Constants.PARAMETER.GRANT_TYPE)) && parameters.get(OAuth2Constants.PARAMETER.CODE) != null;
			
 
				 	}
			
 
				 
			
 
				 	public void setOAuth2RequestValidator(OAuth2RequestValidator oAuth2RequestValidator) {
			
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpointAuthenticationFilter.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpointAuthenticationFilter.java
@@ -153,8 +153,8 @@ public class TokenEndpointAuthenticationFilter implements Filter {
 
				 		}
			
 
				 		
			
 
				 		try {
			
 
				-			String grantType = request.getParameter("grant_type");
			
 
				-			if (grantType != null && grantType.equals("password")) {
			
 
				+			String grantType = request.getParameter(OAuth2Constants.PARAMETER.GRANT_TYPE);
			
 
				+			if (grantType != null && grantType.equals(OAuth2Constants.PARAMETER.GRANT_TYPE_PASSWORD)) {
			
 
				 				usernamepassword(request,response);
			
 
				 			}else {
			
 
				 				Authentication authentication=ClientCredentials(request,response);
			
@@ -198,8 +198,8 @@ public class TokenEndpointAuthenticationFilter implements Filter {
 
				 			Authentication authResult = authenticationManager.authenticate(credentials);
			
 
				 	
			
 
				 			logger.debug("Authentication success: " + authResult.getName());
			
 
				-			String clientId = request.getParameter("client_id");
			
 
				-	        String clientSecret = request.getParameter("client_secret");
			
 
				+			String clientId = request.getParameter(OAuth2Constants.PARAMETER.CLIENT_ID);
			
 
				+	        String clientSecret = request.getParameter(OAuth2Constants.PARAMETER.CLIENT_SECRET);
			
 
				 	        UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(clientId,
			
 
				 	                clientSecret);
			
 
				 	        Authentication clientAuth = oauth20ClientAuthenticationManager.authenticate(authRequest);
			
@@ -245,8 +245,8 @@ public class TokenEndpointAuthenticationFilter implements Filter {
 
				 				throw new HttpRequestMethodNotSupportedException(request.getMethod(), new String[] { "POST" });
			
 
				 			}
			
 
				 
			
 
				-			String clientId = request.getParameter("client_id");
			
 
				-			String clientSecret = request.getParameter("client_secret");
			
 
				+			String clientId = request.getParameter(OAuth2Constants.PARAMETER.CLIENT_ID);
			
 
				+			String clientSecret = request.getParameter(OAuth2Constants.PARAMETER.CLIENT_SECRET);
			
 
				 			if(clientId == null) {
			
 
				 				//for header authorization basic
			
 
				 				String authorization_bearer =request.getHeader("authorization");
			
@@ -305,8 +305,8 @@ public class TokenEndpointAuthenticationFilter implements Filter {
 
				 	 * @return an authentication for validation (or null if there is no further authentication)
			
 
				 	 */
			
 
				 	protected Authentication extractCredentials(HttpServletRequest request) {
			
 
				-		String grantType = request.getParameter("grant_type");
			
 
				-		if (grantType != null && grantType.equals("password")) {
			
 
				+		String grantType = request.getParameter(OAuth2Constants.PARAMETER.GRANT_TYPE);
			
 
				+		if (grantType != null && grantType.equals(OAuth2Constants.PARAMETER.GRANT_TYPE_PASSWORD)) {
			
 
				 			UsernamePasswordAuthenticationToken result = new UsernamePasswordAuthenticationToken(
			
 
				 					request.getParameter("username"), request.getParameter("password"));
			
 
				 			result.setDetails(authenticationDetailsSource.buildDetails(request));
			
@@ -316,7 +316,7 @@ public class TokenEndpointAuthenticationFilter implements Filter {
 
				 	}
			
 
				 
			
 
				 	private Set<String> getScope(HttpServletRequest request) {
			
 
				-		return OAuth2Utils.parseParameterList(request.getParameter("scope"));
			
 
				+		return OAuth2Utils.parseParameterList(request.getParameter(OAuth2Constants.PARAMETER.SCOPE));
			
 
				 	}
			
 
				 	
			
 
				 	public void init(FilterConfig filterConfig) throws ServletException {
			
@@ -346,7 +346,7 @@ public class TokenEndpointAuthenticationFilter implements Filter {
 
				 				uri = uri.substring(0, pathParamIndex);
			
 
				 			}
			
 
				 
			
 
				-			String clientId = request.getParameter("client_id");
			
 
				+			String clientId = request.getParameter(OAuth2Constants.PARAMETER.CLIENT_ID);
			
 
				 
			
 
				 			if (clientId == null) {
			
 
				 				// Give basic auth a chance to work instead (it's preferred anyway)
			
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/token/DefaultAccessTokenConverter.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/token/DefaultAccessTokenConverter.java
@@ -110,6 +110,10 @@ public class DefaultAccessTokenConverter implements AccessTokenConverter {
 
				 		if (clientToken.getResourceIds() != null && !clientToken.getResourceIds().isEmpty()) {
			
 
				 			response.put(AUD, clientToken.getResourceIds());
			
 
				 		}
			
 
				+		
			
 
				+		//default 
			
 
				+		response.put("active", Boolean.TRUE);
			
 
				+		
			
 
				 		return response;
			
 
				 	}
			
 
				 
			
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/autoconfigure/Oauth20AutoConfiguration.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/autoconfigure/Oauth20AutoConfiguration.java
@@ -28,7 +28,7 @@ import org.maxkey.authz.oauth2.common.OAuth2Constants;
 
				 import org.maxkey.authz.oauth2.provider.ClientDetailsService;
			
 
				 import org.maxkey.authz.oauth2.provider.OAuth2UserDetailsService;
			
 
				 import org.maxkey.authz.oauth2.provider.approval.TokenApprovalStore;
			
 
				-import org.maxkey.authz.oauth2.provider.approval.controller.OAuth20UserApprovalHandler;
			
 
				+import org.maxkey.authz.oauth2.provider.approval.endpoint.OAuth20UserApprovalHandler;
			
 
				 import org.maxkey.authz.oauth2.provider.client.ClientDetailsUserDetailsService;
			
 
				 import org.maxkey.authz.oauth2.provider.client.JdbcClientDetailsService;
			
 
				 import org.maxkey.authz.oauth2.provider.code.AuthorizationCodeServices;