}
private OAuth2HandlerError refreshToken(final DominoOAuth2Accessor accessor) {
final String method = "refreshToken";
log.entering(CLASS, method, new Object[] { accessor });
OAuth2HandlerError ret = null;
String refershTokenUrl;
refershTokenUrl = buildRefreshTokenUrl(accessor);
if (log.isLoggable(Level.FINEST)) {
log.logp(Level.FINEST, CLASS, method, "refershTokenUrl = {0}", new Object[]{refershTokenUrl});
}
if (refershTokenUrl != null) {
HttpResponse response = null;
final HttpRequest request = new HttpRequest(Uri.parse(refershTokenUrl));
request.setSecurityToken(new AnonymousSecurityToken("", 0L, accessor.getGadgetUri()));
request.setMethod("POST");
request.setHeader("Content-Type", "application/x-www-form-urlencoded; charset=utf-8");
for (final ClientAuthenticationHandler clientAuthenticationHandler : this.clientAuthenticationHandlers) {
if (clientAuthenticationHandler.geClientAuthenticationType().equalsIgnoreCase(
accessor.getClientAuthenticationType())) {
clientAuthenticationHandler.addOAuth2Authentication(request, accessor);
}
}
try {
final byte[] body = getRefreshBody(accessor).getBytes("UTF-8");
request.setPostBody(body);
} catch (final Exception e) {
log.logp(Level.WARNING, CLASS, method, "Error while getting body for refresh request.", e);
ret = new OAuth2HandlerError(OAuth2Error.REFRESH_TOKEN_PROBLEM,
"error generating refresh body", e);
}
if (!isUriAllowed(request.getUri(), accessor.getAllowedDomains())) {
ret = new OAuth2HandlerError(OAuth2Error.REFRESH_TOKEN_PROBLEM,
"error fetching refresh token - domain not allowed", null);
}
if (ret == null) {
try {
response = this.fetcher.fetch(request);
} catch (final GadgetException e) {
log.logp(Level.WARNING, CLASS, method, "Error while making refresh request.", e);
ret = new OAuth2HandlerError(OAuth2Error.REFRESH_TOKEN_PROBLEM,
"error fetching refresh token", e);
}
if (log.isLoggable(Level.FINEST)) {
log.logp(Level.FINEST, CLASS, method, "response = {0}", new Object[] {response});
}
if (ret == null) {
// response is not null..
final int statusCode = response.getHttpStatusCode();
if (statusCode == HttpResponse.SC_UNAUTHORIZED
|| statusCode == HttpResponse.SC_BAD_REQUEST) {
try {
this.tokenStore.removeRefreshToken(accessor);
} catch (final GadgetException e) {
ret = new OAuth2HandlerError(OAuth2Error.REFRESH_TOKEN_PROBLEM,
"failed to remove refresh token", e);
}
accessor.setRefreshToken(null);
if (log.isLoggable(Level.FINEST)) {
log.logp(Level.FINEST, CLASS, method,
"received {0} from provider, removed refresh token. response = {1}",
new Object[] { statusCode, response.getResponseAsString() });
}
return ret;
} else if (statusCode != HttpResponse.SC_OK) {
ret = new OAuth2HandlerError(OAuth2Error.REFRESH_TOKEN_PROBLEM,
"bad response from server : " + statusCode, null, "",
response.getResponseAsString());
}
if (ret == null) {
for (final TokenEndpointResponseHandler tokenEndpointResponseHandler : this.tokenEndpointResponseHandlers) {
if (tokenEndpointResponseHandler.handlesResponse(accessor, response)) {
final OAuth2HandlerError error = tokenEndpointResponseHandler.handleResponse(
accessor, response);
if (error != null) {
try {
this.tokenStore.removeRefreshToken(accessor);
} catch (GadgetException e) {