Data from signed request is propageted in Exception, when token is missing

[facebook-utils] / src / main / java / de / juplo / facebook / SignedRequestAwareAuthorizationCodeAccessTokenProvider.java

diff --git a/src/main/java/de/juplo/facebook/SignedRequestAwareAuthorizationCodeAccessTokenProvider.java b/src/main/java/de/juplo/facebook/SignedRequestAwareAuthorizationCodeAccessTokenProvider.java
index 8d4c7ee..5df98b7 100644 (file)
--- a/src/main/java/de/juplo/facebook/SignedRequestAwareAuthorizationCodeAccessTokenProvider.java
+++ b/src/main/java/de/juplo/facebook/SignedRequestAwareAuthorizationCodeAccessTokenProvider.java
@@ -142,34 +142,20 @@ public class SignedRequestAwareAuthorizationCodeAccessTokenProvider
         throw redirect;
       }
 
-      DefaultOAuth2AccessToken token = null;
+      /**
+       * Extract additional information and store it in the token
+       * See:
+       * https://developers.facebook.com/docs/reference/login/signed-request/
+       * TODO:
+       * - Attribute "code"
+       */
+      Map<String,Object> additionalInformation = new HashMap<>();
       try
       {
-        String value = json.get("oauth_token").asText();
-        if (value.isEmpty())
-        {
-          log.error("field \"oauth_token\" is missing: {}", data);
-          throw redirect;
-        }
-        token = new DefaultOAuth2AccessToken(value);
-        token.setExpiration(new Date(json.get("expires").getLongValue()*1000L));
-
-        /**
-         * Extract additional information and store it in the token
-         * See:
-         * https://developers.facebook.com/docs/reference/login/signed-request/
-         * TODO:
-         * - Attribute "code"
-         */
-        Map<String,Object> additionalInformation = new HashMap<>();
         additionalInformation.put(
             "issued_at",
             new Date(json.get("issued_at").getLongValue()*1000L)
             );
-        additionalInformation.put(
-            "user_id",
-            json.get("user_id").asText()
-            );
         Map<String,Object> user = new HashMap<>();
         user.put(
             "country",
@@ -199,6 +185,29 @@ public class SignedRequestAwareAuthorizationCodeAccessTokenProvider
           page.put("admin", json.get("page").get("admin").asBoolean());
           additionalInformation.put("page", page);
         }
+      }
+      catch (NullPointerException e)
+      {
+        log.warn("expected additional data is missing: {}", data);
+      }
+
+      DefaultOAuth2AccessToken token = null;
+      try
+      {
+        String value = json.get("oauth_token").asText();
+        if (value.isEmpty())
+        {
+          log.error("field \"oauth_token\" is missing: {}", data);
+          throw redirect;
+        }
+        token = new DefaultOAuth2AccessToken(value);
+        token.setExpiration(new Date(json.get("expires").getLongValue()*1000L));
+
+        additionalInformation.put(
+            "user_id",
+            json.get("user_id").asText()
+            );
+
         token.setAdditionalInformation(additionalInformation);
       }
       catch (NullPointerException e)