/**
  * Handle Access Token
  *
  * @param  Request $request
  * @return OAuth2AccessToken
  */
 protected function handleAccessToken(Request $request)
 {
     $accessToken = null;
     $header = $request->headers->get('authorization');
     if (!empty($header)) {
         $pos = strpos($header, 'Bearer');
         if ($pos !== false) {
             $accessToken = substr($header, $pos + 7);
         }
     }
     if (empty($accessToken) && $request->query->has('access_token')) {
         $accessToken = $request->query->get('access_token');
     }
     if (empty($accessToken) && $request->getMethod() == 'POST' && $request->server->get('content_type') == 'application/x-www-form-urlencoded') {
         $accessToken = $request->request->get('access_token');
     }
     if (empty($accessToken)) {
         return null;
     }
     if (null !== $this->logger) {
         $this->logger->info('OAuth2 authentication Authorization header found for user.');
     }
     $token = new OAuth2AccessToken();
     $token->setAccessToken($accessToken);
     $token->setSignature($this->getSignature($request));
     $token->setSignedUrl($request->getUri());
     return $token;
 }
 /**
  * Authenticate with access token
  *
  * @param  TokenInterface $token
  * @return OAuth2AccessToken
  */
 protected function authenticateAccessToken(TokenInterface $token)
 {
     $accessToken = $this->accessTokenProvider->get($token->getAccessToken());
     $this->checkAccessToken($accessToken);
     $client = $this->clientProvider->get($accessToken->getClient());
     $this->checkClient($client);
     $this->checkSignature($token, $client);
     // check scope
     $user = $this->userProvider->loadUserByUsername($accessToken->getUsername());
     try {
         $this->userChecker->checkPreAuth($user);
     } catch (AccountStatusException $e) {
         throw new OAuthAccessTokenNotFoundException($e->getMessage(), 401, $e, $this->realmName);
     }
     $retval = new OAuth2AccessToken($user->getRoles());
     $retval->setAuthenticated(true);
     $retval->setAccessToken($accessToken->getId());
     $retval->setUser($user);
     $retval->setClient($client);
     $retval->setSignature($token->getSignature());
     return $retval;
 }