[OAuth2] securityContext problem on createSubject

This is probably just ignorance on my part, but when I override the createSubject method in the RedirecationBasedGrantService.java file, the securityContext parameter that is passed in is of type AbstractHTTPDestination$2. This parameter contains my authentication token, but I don't know how to get at it, so I'm having to go to the SecurityContextHolder to get the context instead of just using the parameter.

I'm just using standard Spring authentication, so it seems like many other people would also have AbstractHTTPDestination$2 as the security type, which causes roles to be missed in the OAuthUtils.createSubject method.

I'm sure I missed some details so please let know your questions and thanks for your help.