public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
final HttpServletRequest request = (HttpServletRequest) req;
String userAgency = request.getHeader(UserAgentUtil.HEADER_USER_AGENT);
if (UserAgentUtil.isOsxFinder(userAgency) || UserAgentUtil.isMicrosoftMiniRedirector(userAgency)) {
chain.doFilter(request, res);
} else {
final HttpServletResponse response = new OAuthWWWAuthenticateAddingResponse((HttpServletResponse) res, applicationProperties);
OAuthRequestVerifier verifier = verifierFactory.getInstance(req);
boolean verifierStatus = verifier.isVerified();
if (!mayProceed(request, response, verifier)) {
LOG.debug("OAuth blocked the request [{}]", request.getRequestURL());
return;
}
try {
chain.doFilter(request, response);
} finally {
if (verifierStatus) {
verifier.setVerified(true);
} else {
verifier.clear();
}
if (OAuthRequestUtils.isOAuthAccessAttempt(request) && request.getSession(false) != null) {
request.getSession().invalidate();
LOG.debug("OAuth invalidated the session for an OAuth request [{}]", request.getRequestURL());
}
}
}
}