public ServiceProviderToken generateAccessToken(ServiceProviderToken token) { checkNotNull(token, "token"); // make sure token is authorized if (token.isRequestToken() && token.getAuthorization() != Authorization.AUTHORIZED) { throw new IllegalArgumentException("token is not an authorized request token"); } String t = randomizer.randomAlphanumericString(32); return ServiceProviderToken.newAccessToken(t) .tokenSecret(token.getTokenSecret()) .consumer(token.getConsumer()) .authorizedBy(token.getUser()) .properties(propertiesFactory.newAccessTokenProperties(token)) .session(newSession(token)) .build(); }