return "client_credentials";
}
public void validateRequest(OAuth2NormalizedRequest req)
throws OAuth2Exception {
OAuth2Client cl = service.getClient(req.getClientId());
if (cl == null || cl.getFlow() != Flow.CLIENT_CREDENTIALS) {
throwAccessDenied("Bad client id or password");
}
if (cl.getType() != ClientType.CONFIDENTIAL) {
throwAccessDenied("Client credentials flow does not support public clients");
}
if (!cl.getSecret().equals(req.getClientSecret())) {
throwAccessDenied("Bad client id or password");
}
}