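# Token endpoint that refuses to issue tokens to deactivated OAuth applications.
#
# Before delegating to Doorkeeper::TokensController#create, the client_id
# presented by the request is looked up in Oauth::Application; if that record
# exists and its `active` attribute is falsy, the request is answered with
# 401 `invalid_client` and Doorkeeper is never invoked. Requests with no
# recognisable client_id, or with a client_id that matches no application,
# are passed through unchanged to the parent controller.
#
# NOTE(review): the inactive-client response is produced from the client_id
# alone, before any client secret is verified, so an unauthenticated caller can
# tell that a given client_id exists and is deactivated. Confirm this is
# acceptable for this deployment.
class Admin::Oauth::TokensController < Doorkeeper::TokensController
  # Issues a token through the parent controller unless the requesting client
  # application has been deactivated.
  def create
    super unless render_error_for_inactive_application
  end

  private
    # Renders the 401 `invalid_client` response when the request identifies an
    # inactive application.
    #
    # @return [true, nil] true when an error response was rendered, nil when
    #   the request should continue to the parent controller
    def render_error_for_inactive_application
      return if requested_client_id.nil?
      return if oauth_application.nil?
      return if oauth_application.active

      render status: :unauthorized, json: {
        error: :invalid_client,
        error_description: 'Client authentication failed due to inactive credentials.'
      }
      # Explicit truthy result so `create` does not depend on what `render` returns.
      true
    end

    # Application record named by the request's client_id, memoised per request.
    def oauth_application
      @oauth_application ||= Oauth::Application.find_by(client_id: requested_client_id)
    end

    # Raw Authorization header value, or nil when the header is absent.
    def authorization
      request.headers['Authorization']
    end

    # client_id the request presents: HTTP Basic credentials first, then the
    # `client_id` request parameter.
    #
    # Checking only the Authorization header would let an inactive client skip
    # this gate by sending its credentials in the request body instead.
    # NOTE(review): header-then-params mirrors Doorkeeper's default
    # `client_credentials :from_basic, :from_params` order; confirm against the
    # project's Doorkeeper configuration, which is not visible here.
    #
    # @return [String, nil]
    def requested_client_id
      @requested_client_id ||= decoded_client_id || params[:client_id].to_s.presence
    end

    # Extracts the user-id part of an HTTP Basic Authorization header.
    #
    # The scheme is matched case-insensitively and only at the start of the
    # header, so `basic ...` is handled like `Basic ...` and other schemes
    # (e.g. Bearer) are not base64-decoded into a bogus client_id.
    #
    # @return [String, nil] the decoded client_id, or nil when the header is
    #   missing, is not Basic, or carries an empty user-id
    def decoded_client_id
      header = authorization.to_s
      scheme = /\ABasic\s+/i
      return unless header.match?(scheme)

      # Limit the split to two parts: only the text before the first ':' is the id.
      Base64.decode64(header.sub(scheme, '')).split(':', 2).first.presence
    end
end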
