Improving the way webapp requests are authenticated

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFactory.java

@@ -28,7 +28,7 @@ import org.wso2.carbon.webapp.authenticator.framework.authenticator.OAuthAuthent
 
 public class WebappAuthenticatorFactory {
 
-    public static WebappAuthenticator getAuthenticator(Request request) {
+    public static WebappAuthenticator getAuthenticator(String authScheme) {
         return new OAuthAuthenticator();
     }
 

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java

@@ -29,11 +29,14 @@ import javax.servlet.http.HttpServletResponse;
 
 public class WebappAuthenticatorFrameworkValve extends CarbonTomcatValve {
 
+    private static final String AUTHENTICATION_SCHEME = "AuthenticationScheme";
     private static final Log log = LogFactory.getLog(WebappAuthenticatorFrameworkValve.class);
 
     @Override
     public void invoke(Request request, Response response, CompositeValve compositeValve) {
-        WebappAuthenticator authenticator = WebappAuthenticatorFactory.getAuthenticator(request);
+        String authScheme =
+                request.getContext().findParameter(WebappAuthenticatorFrameworkValve.AUTHENTICATION_SCHEME);
+        WebappAuthenticator authenticator = WebappAuthenticatorFactory.getAuthenticator(authScheme);
         WebappAuthenticator.Status status = authenticator.authenticate(request, response);
         this.processResponse(request, response, compositeValve, status);
     }

components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java

@@ -49,8 +49,12 @@ public class OAuthAuthenticator implements WebappAuthenticator {
 
     @Override
     public Status authenticate(Request request, Response response) {
-        StringTokenizer tokenizer = new StringTokenizer(request.getRequestURI(), "/");
+        String requestUri = request.getRequestURI();
+        if (requestUri == null || "".equals(requestUri)) {
+            return Status.CONTINUE;
+        }
 
+        StringTokenizer tokenizer = new StringTokenizer(requestUri, "/");
         String context = request.getContextPath();
         if (context == null || "".equals(context)) {
             context = tokenizer.nextToken();
@@ -59,13 +63,13 @@ public class OAuthAuthenticator implements WebappAuthenticator {
             }
         }
 
-        boolean isContextCached = false;
+//        boolean isContextCached = false;
-        if (APIUtil.getAPIContextCache().get(context) != null) {
+//        if (APIUtil.getAPIContextCache().get(context) != null) {
-            isContextCached = Boolean.parseBoolean(APIUtil.getAPIContextCache().get(context).toString());
+//            isContextCached = Boolean.parseBoolean(APIUtil.getAPIContextCache().get(context).toString());
-        }
+//        }
-        if (!isContextCached) {
+//        if (!isContextCached) {
-            return Status.CONTINUE;
+//            return Status.CONTINUE;
-        }
+//        }
 
         try {
             String apiVersion = tokenizer.nextToken();