// This is a critical security vulnerability. The ID token should be validated
            // to ensure it was issued by the expected OpenID Connect provider and has not been tampered with.
            // TODO: Implement JWT signature validation using the provider's public key

            final Map<String, Object> attributes = new HashMap<>();
            attributes.put("accesstoken", tr.getAccessToken());

                    QueryBuilders.boolQuery().must(QueryBuilders.termQuery(fessConfig.getIndexFieldDocId(), docId));
            final Set<String> roleSet = ComponentUtil.getRoleQueryHelper().build(SearchRequestType.JSON); // TODO SearchRequestType?
            final QueryHelper queryHelper = ComponentUtil.getQueryHelper();
            if (!roleSet.isEmpty()) {
                queryHelper.buildRoleQuery(roleSet, boolQuery);
            }