in src/main/java/org/apache/sling/auth/oauth_client/support/OAuthEnabledSlingServlet.java [97:143]
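/**
 * Runs the token-aware handler for {@code method}, or sends the client into the OAuth flow
 * when no valid access token is available.
 *
 * <p>Requests without a remote user are rejected with 401 before any token lookup. If the
 * token response holds a valid token, its value is passed to the handler selected by
 * {@code method}. If that handler fails with an exception that
 * {@code isInvalidAccessTokenException} recognises, the stored token is cleared and the client
 * is redirected to the URI returned by {@code clearAccessToken}. Without a valid token the
 * client is redirected to the URI carried by the token response.
 *
 * <p>The token value is not written to the log by this method.
 *
 * @param request the current request; also passed to the token lookup and to the handler
 * @param response the current response; receives the 401, the redirect or the handler output
 * @param method the HTTP method name; anything other than GET, POST, PUT or DELETE is routed to
 *     {@code doGenericWithToken}
 * @throws ServletException if the handler fails for a reason other than an invalid access token,
 *     or the token was rejected after the response had already been committed
 * @throws IOException under the same conditions, or when writing the error or redirect fails
 * @throws NullPointerException if {@code getRedirectPath(request)} returns {@code null}
 */
private void handleRequestWithToken(@NotNull SlingHttpServletRequest request, @NotNull SlingHttpServletResponse response, String method)
        throws ServletException, IOException {
    // Authentication gate: no token is looked up for an anonymous request.
    if (request.getRemoteUser() == null) {
        response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "User is not authenticated");
        return;
    }

    String redirectPath = Objects.requireNonNull(getRedirectPath(request), "getRedirectPath() may not return null");

    if (logger.isDebugEnabled()) {
        logger.debug("Configured with connection (name={}) and redirectPath={}", connection.name(), redirectPath);
    }

    OAuthTokenResponse tokenResponse = tokenAccess.getAccessToken(connection, request, redirectPath);
    if (!tokenResponse.hasValidToken()) {
        // No usable token: the token response carries the URI that starts the OAuth flow.
        response.sendRedirect(tokenResponse.getRedirectUri().toString());
        return;
    }

    OAuthToken token = new OAuthToken(TokenState.VALID, tokenResponse.getTokenValue());
    try {
        switch (method) {
            case METHOD_GET:
                doGetWithToken(request, response, token.getValue());
                break;
            case METHOD_POST:
                doPostWithToken(request, response, token.getValue());
                break;
            case METHOD_PUT:
                doPutWithToken(request, response, token.getValue());
                break;
            case METHOD_DELETE:
                doDeleteWithToken(request, response, token.getValue());
                break;
            default:
                doGenericWithToken(request, response, token.getValue());
                break;
        }
    } catch (IOException | ServletException e) {
        if (!isInvalidAccessTokenException(e)) {
            throw e;
        }
        // NOTE(review): e is logged with its stack trace; confirm that exceptions raised by the
        // handlers never carry the token value in their message.
        logger.warn("Invalid access token, clearing existing token and restarting OAuth flow", e);
        OAuthTokenResponse newTokenResponse = tokenAccess.clearAccessToken(connection, request, redirectPath);
        if (response.isCommitted()) {
            // sendRedirect() on a committed response throws IllegalStateException, which would
            // hide the token failure. The rejected token is already cleared at this point, so
            // report the original exception instead.
            throw e;
        }
        response.sendRedirect(newTokenResponse.getRedirectUri().toString());
    }
}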