refactoring.

oauth2-framework-impl/oauth2-authorization-server/src/main/java/com/baeldung/oauth2/authorization/server/api/TokenEndpoint.java

@@ -64,6 +64,8 @@ public class TokenEndpoint {
         JsonObject tokenResponse = null;
         try {
             tokenResponse = authorizationGrantTypeHandler.createAccessToken(clientId, params);
+        } catch (WebApplicationException e) {
+            return e.getResponse();
         } catch (Exception e) {
             return responseError("Invalid_request", "Can't get token", Response.Status.INTERNAL_SERVER_ERROR);
         }

oauth2-framework-impl/oauth2-authorization-server/src/main/java/com/baeldung/oauth2/authorization/server/handler/RefreshTokenGrantTypeHandler.java

@@ -8,6 +8,7 @@ import javax.json.Json;
 import javax.json.JsonObject;
 import javax.ws.rs.WebApplicationException;
 import javax.ws.rs.core.MultivaluedMap;
+import javax.ws.rs.core.Response;
 import java.util.Arrays;
 import java.util.Date;
 import java.util.HashSet;
@@ -48,7 +49,12 @@ public class RefreshTokenGrantTypeHandler extends AbstractGrantTypeHandler {
             Set<String> rScopes = new HashSet(Arrays.asList(requestedScopes.split(" ")));
             Set<String> aScopes = new HashSet(Arrays.asList(approvedScopes.split(" ")));
             if (!aScopes.containsAll(rScopes)) {
-                throw new WebApplicationException("Requested scopes should be a subset of those authorized by the resource owner.");
+                JsonObject error = Json.createObjectBuilder()
+                        .add("error", "Invalid_request")
+                        .add("error_description", "Requested scopes should be a subset of the original scopes.")
+                        .build();
+                Response response = Response.status(Response.Status.BAD_REQUEST).entity(error).build();
+                throw new WebApplicationException(response);
             }
         } else {
             requestedScopes = approvedScopes;

oauth2-framework-impl/oauth2-client/src/main/java/com/baeldung/oauth2/client/RefreshTokenServlet.java

@@ -15,6 +15,7 @@ import javax.ws.rs.client.WebTarget;
 import javax.ws.rs.core.Form;
 import javax.ws.rs.core.HttpHeaders;
 import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
 import java.io.IOException;
 
 @WebServlet(urlPatterns = "/refreshtoken")
@@ -42,16 +43,13 @@ public class RefreshTokenServlet extends AbstractServlet {
             form.param("scope", scope);
         }
 
-        JsonObject tokenResponse = target.request(MediaType.APPLICATION_JSON_TYPE)
+        Response jaxrsResponse = target.request(MediaType.APPLICATION_JSON_TYPE)
                 .header(HttpHeaders.AUTHORIZATION, getAuthorizationHeaderValue(clientId, clientSecret))
-                .post(Entity.entity(form, MediaType.APPLICATION_FORM_URLENCODED_TYPE), JsonObject.class);
+                .post(Entity.entity(form, MediaType.APPLICATION_FORM_URLENCODED_TYPE), Response.class);
+        JsonObject tokenResponse = jaxrsResponse.readEntity(JsonObject.class);
+        System.out.println(tokenResponse);
 
-        String error = tokenResponse.getString("error");
-        if (error != null) {
-            request.setAttribute("error", error);
-        } else {
-            request.getSession().setAttribute("tokenResponse", tokenResponse);
-        }
+        request.getSession().setAttribute("tokenResponse", tokenResponse);
         dispatch("/", request, response);
     }
 }