Avoid rehandling api based auth response

janakamarasena · janakamarasena · commit 8c53618a5409 · 2023-10-27T15:20:31.000+05:30
diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/authz/OAuth2AuthzEndpoint.java b/components/org.wso2.carbon.identity.oauth.endpoint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/authz/OAuth2AuthzEndpoint.java
@@ -4341,14 +4341,19 @@ private Response handleApiBasedAuthenticationResponse(OAuthMessage oAuthMessage,
                 ObjectMapper objectMapper = new ObjectMapper();
                 objectMapper.setSerializationInclusion(JsonInclude.Include.NON_EMPTY);
                 String jsonString = objectMapper.writeValueAsString(authResponse);
+                oAuthMessage.getRequest().setAttribute(IS_API_BASED_AUTH_HANDLED, true);
                 return Response.ok().entity(jsonString).build();
 
             } else {
-                String location = oauthResponse.getMetadata().get("Location").get(0).toString();
-                if (StringUtils.isNotBlank(location)) {
-                    Map<String, String> queryParams = getQueryParamsFromUrl(location);
-                    String jsonPayload = new Gson().toJson(queryParams);
-                    return Response.status(HttpServletResponse.SC_OK).entity(jsonPayload).build();
+                List<Object> locationHeader = oauthResponse.getMetadata().get("Location");
+                if (CollectionUtils.isNotEmpty(locationHeader)) {
+                    String location = locationHeader.get(0).toString();
+                    if (StringUtils.isNotBlank(location)) {
+                        Map<String, String> queryParams = getQueryParamsFromUrl(location);
+                        String jsonPayload = new Gson().toJson(queryParams);
+                        oAuthMessage.getRequest().setAttribute(IS_API_BASED_AUTH_HANDLED, true);
+                        return Response.status(HttpServletResponse.SC_OK).entity(jsonPayload).build();
+                    }
                 }
             }
         } catch (AuthServiceException | JsonProcessingException | UnsupportedEncodingException | URISyntaxException e) {
@@ -4357,6 +4362,7 @@ private Response handleApiBasedAuthenticationResponse(OAuthMessage oAuthMessage,
             params.put(OAuthConstants.OAUTH_ERROR, OAuth2ErrorCodes.SERVER_ERROR);
             params.put(OAuthConstants.OAUTH_ERROR_DESCRIPTION, "Server error occurred while performing authorization.");
             String jsonString = new Gson().toJson(params);
+            oAuthMessage.getRequest().setAttribute(IS_API_BASED_AUTH_HANDLED, true);
             return Response.status(HttpServletResponse.SC_INTERNAL_SERVER_ERROR).entity(jsonString).build();
         }
 
