@Override
protected void doGet(final HttpServletRequest request, final HttpServletResponse resp)
throws IOException {
OAuth2Accessor accessor = null;
try {
final OAuth2Message msg = this.oauth2MessageProvider.get();
msg.parseRequest(request);
final OAuth2Error error = msg.getError();
final String encRequestStateKey = msg.getState();
if (encRequestStateKey == null) {
if (error != null) {
OAuth2CallbackServlet.sendError(error, "encRequestStateKey is null", msg.getErrorDescription(),
msg.getErrorUri(), null, resp, null, this.sendTraceToClient);
} else {
OAuth2CallbackServlet.sendError(OAuth2Error.CALLBACK_PROBLEM,
"OAuth2CallbackServlet requestStateKey is null.", "", "", null, resp, null,
this.sendTraceToClient);
}
return;
}
final OAuth2CallbackState state = new OAuth2CallbackState(this.stateCrypter,
encRequestStateKey);
accessor = this.store.getOAuth2Accessor(state);
if (error != null) {
OAuth2CallbackServlet.sendError(error, "error parsing request", msg.getErrorDescription(),
msg.getErrorUri(), accessor, resp, null, this.sendTraceToClient);
return;
}
if (accessor == null || !accessor.isValid() || accessor.isErrorResponse()) {
String message;
if (accessor != null) {
message = accessor.isValid() ? "OAuth2CallbackServlet accessor isErrorResponse "
: "OAuth2CallbackServlet accessor is invalid ";
message = message + accessor;
} else {
message = "OAuth2CallbackServlet accessor is null";
}
OAuth2CallbackServlet.sendError(OAuth2Error.CALLBACK_PROBLEM, message,
accessor.getErrorContextMessage(), accessor.getErrorUri(), accessor, resp,
accessor.getErrorException(), this.sendTraceToClient);
return;
}
if (!accessor.isRedirecting()) {
// Somehow our accessor got lost. We should not proceed.
OAuth2CallbackServlet.sendError(OAuth2Error.CALLBACK_PROBLEM,
"OAuth2CallbackServlet accessor is not valid, isn't redirecting.", "", "",
accessor, resp, null, this.sendTraceToClient);
return;
}
boolean foundHandler = false;
for (final AuthorizationEndpointResponseHandler authorizationEndpointResponseHandler : this.authorizationEndpointResponseHandlers) {
if (authorizationEndpointResponseHandler.handlesRequest(accessor, request)) {
final OAuth2HandlerError handlerError = authorizationEndpointResponseHandler
.handleRequest(accessor, request);
if (handlerError != null) {
OAuth2CallbackServlet.sendError(handlerError.getError(),
handlerError.getContextMessage(), handlerError.getDescription(),
handlerError.getUri(), accessor, resp, handlerError.getCause(),
this.sendTraceToClient);
return;
}
foundHandler = true;
break;
}
}
if (!foundHandler) {
OAuth2CallbackServlet.sendError(OAuth2Error.NO_RESPONSE_HANDLER,
"OAuth2Callback servlet couldn't find a AuthorizationEndpointResponseHandler", "",
"", accessor, resp, null, this.sendTraceToClient);
return;
}
HttpUtil.setNoCache(resp);
resp.setContentType("text/html; charset=UTF-8");
resp.getWriter().write(OAuth2CallbackServlet.RESP_BODY);
} catch (final Exception e) {
OAuth2CallbackServlet.sendError(OAuth2Error.CALLBACK_PROBLEM,
"Exception occurred processing redirect.", "", "", accessor, resp, e,
this.sendTraceToClient);
if (IOException.class.isInstance(e)) {
throw (IOException) e;
}
} finally {
if (accessor != null) {
if (!accessor.isErrorResponse()) {
accessor.invalidate();
this.store.removeOAuth2Accessor(accessor);
} else {
this.store.storeOAuth2Accessor(accessor);
}
}