in src/main/java/com/microsoft/aad/oidcpoc/BasicFilter.java [44:90]
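/**
 * Authentication gate for every HTTP request passing through this filter.
 *
 * <p>Order of checks, as implemented below:
 * <ol>
 *   <li>non-HTTP requests are passed straight down the chain;</li>
 *   <li>a session whose {@code AuthenticationResult} carries the local token type
 *       bypasses the Azure AD checks;</li>
 *   <li>otherwise the request must already be authenticated, or must carry the
 *       authentication response which is then turned into a session; without either,
 *       the client is redirected to the authorization server;</li>
 *   <li>expired auth data is refreshed via the refresh token before the chain continues.</li>
 * </ol>
 *
 * <p>An {@link AuthenticationException} (expired or revoked token) clears the session
 * and restarts the login flow. Any other exception is rendered by {@code /error.jsp}
 * with HTTP 500 and the request is <em>not</em> passed further down the chain.
 *
 * @param request  incoming request; only {@link HttpServletRequest} instances are filtered
 * @param response response; cast to {@link HttpServletResponse} for HTTP requests
 * @param chain    remaining filter chain, invoked only when the request is allowed through
 * @throws IOException      propagated from the chain or the error-page forward
 * @throws ServletException propagated from the chain or the error-page forward
 */
public void doFilter(ServletRequest request, ServletResponse response,
        FilterChain chain) throws IOException, ServletException {
    if (!(request instanceof HttpServletRequest)) {
        // Nothing to authenticate on a non-HTTP exchange: pass it through unchanged.
        chain.doFilter(request, response);
        return;
    }
    HttpServletRequest httpRequest = (HttpServletRequest) request;
    HttpServletResponse httpResponse = (HttpServletResponse) response;
    try {
        String currentUri = AuthHelper.GetReplyUri(httpRequest);
        String queryStr = httpRequest.getQueryString();
        String fullUrl = currentUri + (queryStr != null ? "?" + queryStr : "");

        // A locally authenticated session short-circuits the Azure AD validation.
        AuthenticationResult result = AuthHelper.getAuthSessionObject(httpRequest);
        if (result != null && result.getAccessTokenType() == AuthHelper.ACCESS_TOKEN_LOCAL) {
            // NOTE(review): '==' is a reference comparison if the token type is a String;
            // confirm ACCESS_TOKEN_LOCAL is an enum/int constant, otherwise use equals().
            chain.doFilter(request, response);
            return;
        }

        // Azure AD: either build the session from the auth response carried by this
        // request, or start the redirect flow if there is nothing to work with.
        if (!AuthHelper.isAuthenticated(httpRequest)) {
            if (AuthHelper.containsAuthenticationData(httpRequest)) {
                _flow.processAuthenticationData(httpRequest, httpResponse, currentUri, fullUrl);
            } else {
                _flow.sendAuthRedirect(httpRequest, httpResponse);
                return;
            }
        }
        if (_flow.isAuthDataExpired(httpRequest)) {
            _flow.updateAuthDataUsingRefreshToken(httpRequest, httpResponse);
        }
    } catch (AuthenticationException authException) {
        // Token expired, revoked or otherwise unusable: drop the stored principal so a
        // stale session cannot be reused, then send the client back to the login flow.
        _flow.removePrincipalFromSession(httpRequest);
        _flow.sendAuthRedirect(httpRequest, httpResponse);
        return;
    } catch (Exception exc) {
        // Any other failure is a server error. Errors (OOM, stack overflow) are deliberately
        // not caught here and propagate to the container.
        httpResponse.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        // NOTE(review): the raw exception message is rendered by error.jsp; a generic
        // message would avoid exposing internal details to the client.
        request.setAttribute("error", exc.getMessage());
        request.getRequestDispatcher("/error.jsp").forward(request, response);
        // Stop here: continuing to chain.doFilter after the forward would re-enter the
        // chain on a committed response and let a request that failed authentication
        // reach the protected resource.
        return;
    }
    chain.doFilter(request, response);
}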