private Response doProcess(HttpServletRequest request) { AuthorizationRequest authReq = findAuthorizationRequest(request); if (authReq == null) { return serverError("Not a valid AbstractAuthenticator.AUTH_STATE on the Request"); } processScopes(authReq, request); if (authReq.getResponseType().equals(OAuth2Validator.IMPLICIT_GRANT_RESPONSE_TYPE)) { AccessToken token = createAccessToken(authReq, true); return sendImplicitGrantResponse(authReq, token); } else { return sendAuthorizationCodeResponse(authReq); } }