// Fragment of a user-authorization handler for an OAuth token (the use of
// OAuth.OAUTH_VERIFIER below suggests OAuth 1.0a -- confirm). Flow:
//   1. validate the token parameter and load its entry and consumer,
//   2. if the entry is not yet authorized, hand off to the authorization UI,
//   3. otherwise deliver the token (and verifier, if any) to the consumer,
//      either on-page ("oob" / no callback) or via a redirect to the callback.
// Every error path sends an HTTP error and returns immediately.
if (requestMessage.getToken() == null) {
// MALFORMED REQUEST: no token parameter was supplied -> 400
servletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST, "Authentication token not found");
return;
}
// Look up the server-side record for the presented token; unknown token -> 404.
OAuthEntry entry = dataStore.getEntry(requestMessage.getToken());
if (entry == null) {
servletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "OAuth Entry not found");
return;
}
OAuthConsumer consumer = dataStore.getConsumer(entry.getConsumerKey());
// Extremely rare case where consumer disappears
if (consumer == null) {
servletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "consumer for entry not found");
return;
}
// The token is disabled if you try to convert to an access token prior to authorization
if (entry.getType() == OAuthEntry.Type.DISABLED) {
servletResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "This token is disabled, please reinitate login");
return;
}
// The callback comes from the stored entry, not from this request.
// NOTE(review): this value becomes the redirect target below; whether it was
// checked against the consumer's registered callback when the entry was
// created is not visible in this fragment -- confirm.
String callback = entry.getCallbackUrl();
// Redirect to a UI flow if the token is not authorized
if (!entry.isAuthorized()) {
// TBD -- need to decode encrypted payload somehow..
if (this.oauthAuthorizeAction.startsWith("http")) {
// Redirect to authorization page with params
// Supply standard set of params
// TBD
// NOTE(review): this branch is unimplemented; control falls through to the
// return below without writing any response, so the client presumably gets
// the container's default empty response -- confirm and handle explicitly.
} else {
// Use internal forward to a jsp page
// The page receives the data store, entry, callback, token and consumer as
// request attributes.
// NOTE(review): nothing in this fragment enforces CSRF protection or user
// authentication for the approval step; presumably the forwarded page or a
// filter does -- confirm.
servletRequest.setAttribute("OAUTH_DATASTORE", dataStore);
servletRequest.setAttribute("OAUTH_ENTRY", entry);
servletRequest.setAttribute("CALLBACK", callback);
servletRequest.setAttribute("TOKEN", entry.getToken());
servletRequest.setAttribute("CONSUMER", consumer);
servletRequest.getRequestDispatcher(oauthAuthorizeAction).forward(servletRequest,servletResponse);
}
return;
}
// If we're here then the entry has been authorized
// redirect to callback
if (callback == null || "oob".equals(callback)) {
// consumer did not specify a callback
// The result is shown to the user as plain text instead of redirecting.
servletResponse.setContentType("text/plain");
PrintWriter out = servletResponse.getWriter();
out.write("Token successfully authorized.\n");
if (entry.getCallbackToken() != null) {
// Usability fail.
// The callback token (verifier) is written into the response body for the
// user to type in at the consumer.
// NOTE(review): no cache-control header is set here, so the page carrying
// the verifier may be cached by the browser or intermediaries -- confirm
// whether a filter adds one.
out.write("Please enter code " + entry.getCallbackToken() + " at the consumer.");
}
} else {
// Append the token to the consumer's callback URL as a query parameter.
callback = OAuth.addParameters(callback, OAuth.OAUTH_TOKEN, entry.getToken());
// Add user_id to the callback
// NOTE(review): the user id travels in the redirect URL, so it will appear in
// browser history, Referer headers and access logs -- confirm this exposure
// is intended.
callback = OAuth.addParameters(callback, "user_id", entry.getUserId());
if (entry.getCallbackToken() != null) {
callback = OAuth.addParameters(callback, OAuth.OAUTH_VERIFIER,
entry.getCallbackToken());
}
// Issue the redirect by hand: 302 status plus a Location header.
servletResponse.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
servletResponse.setHeader("Location", callback);
}