@Override public State handleAuthenticationResolved(Request request, Response response, AuthenticationContext context) throws Throwable { Authentication authc = context.getAuthentication(); if(null != authc) { AccessToken at; if(authc instanceof OAuth2LoginAuthentication) { at = ((OAuth2LoginAuthentication) authc).getAccessToken(); if(null != at) { accessTokenStore.saveAccessToken(request, context, at); } }else{ at = accessTokenStore.loadAccessToken(request, context); } if(null != at) { if(at.isExpired()) { log.info("AT '{}' expired, refresh it", at.getToken()); at = accessTokenStore.refreshAndSaveAccessToken(request, context, at); } TokenContext.setAccessToken(request, at); } } return State.CONTINUE; }