@Override protected Object doProcessRequest(ActionParam inParam) throws InvalidParameterException, ForbiddenException, InvalidSessionException { final UserData theSessionUser = SessionManager.getUserFromSessionParam(inParam); final Boolean activate = inParam.getBoolean(ManageToken.ACTIVATE); // just returns the token value if it exists if (activate == null) { if (theSessionUser.hasToken()) { return String.valueOf(theSessionUser.getToken()); } } else { if (!theSessionUser.hasToken() && activate) { return String.valueOf(theSessionUser.generateToken()); } if (theSessionUser.hasToken() && !activate) { theSessionUser.clearToken(); } } return null; }