@RequestMapping(value = "/oauth/addApp/{TOKEN}/{APPID}", method = RequestMethod.GET)
  @Timed
  public AddAppResponseDTO addApp(
      @PathVariable("TOKEN") String ott,
      @PathVariable("APPID") String appId,
      HttpServletRequest request)
      throws IOException, JAXBException, TokenNotFoundException, TokenAlreadyUsedException {
    AddAppResponseDTO response = new AddAppResponseDTO();
    log.debug("REST ADD CUSTOM APPS. token [{}]", ott);

    Token token = tokenRepository.findOneByOtt(ott);
    if (token == null) {
      throw new TokenNotFoundException(ott);
    }

    Person person = token.getPerson();
    Application application = token.getApplication();

    Application customApp = applicationRepository.findOne(new Long(appId));

    log.debug(
        "REST ADD CUSTOM APPS. person [{}], localid [{}], customApp [{}]",
        person,
        person.getLocalID(),
        customApp.getId());

    RelPersonApplication relPersonApplication = null;
    relPersonApplication = new RelPersonApplication();
    relPersonApplication.setApplication(customApp);
    relPersonApplication.setPerson(person);
    relPersonApplication.setToken(token);
    relPersonApplication.setValid(null);
    relPersonApplication.setLast(true);
    relPersonApplication.setCustom(true);
    relPersonApplicationRepository.save(relPersonApplication);

    ApplicationMinDTO appMinAdded = ApplicationMapper.from(customApp, true, null);
    response.setApp(appMinAdded);

    return response;
  }
  @RequestMapping(value = "/oauth/{TOKEN}", method = RequestMethod.GET)
  @Timed
  public void oauthUser(
      @PathVariable("TOKEN") String ott, HttpServletRequest request, HttpServletResponse response)
      throws IOException, JAXBException, TokenNotFoundException, TokenAlreadyUsedException {
    log.debug("REST OAUTH START. token [{}]", ott);

    Token token = tokenRepository.findOneByOtt(ott);
    if (token == null) {
      throw new TokenNotFoundException(ott);
    }
    // if( token.getDateUsed() !=null){
    //	throw new TokenAlreadyUsedException(ott);
    // }

    Person person = token.getPerson();
    Application application = token.getApplication();

    // qual è l'organizzazione dell'utente?
    String orgUnit = null;
    if (application.getAllOrg()) orgUnit = token.getOrgUnit();
    else orgUnit = application.getOrgUnit();

    List<Application> applicationForUser =
        applicationRepository.findAllByOrgUnitOrAllOrgIsTrue(orgUnit);
    Map<Long, Application> applicationForUserMap = new HashMap<Long, Application>();
    for (Application i : applicationForUser) applicationForUserMap.put(i.getId(), i);

    List<RelPersonApplication> listApplicationAuth =
        relPersonApplicationRepository.findAllByPersonIsAndLastIsTrue(person);
    Map<Long, RelPersonApplication> mapRelOld = new HashMap<Long, RelPersonApplication>();
    // Set old application access key invalid
    for (int i = 0; i < listApplicationAuth.size(); i++) {
      RelPersonApplication applicationAuthorize = listApplicationAuth.get(i);
      applicationAuthorize.setValid(false);
      applicationAuthorize.setLast(false);
      relPersonApplicationRepository.save(applicationAuthorize);
      mapRelOld.put(applicationAuthorize.getApplication().getId(), applicationAuthorize);
      if ((applicationAuthorize.getCustom() == true)
          && (applicationForUserMap.get(applicationAuthorize.getApplication().getId()) == null)) {
        applicationForUser.add(applicationAuthorize.getApplication());
      }
    }

    // token.setDateUsed(DateTime.now());
    // tokenRepository.save(token);

    Application applicationAuthorize = null;
    RelPersonApplication relPersonApplication = null;

    // Create new access key record
    for (int i = 0; i < applicationForUser.size(); i++) {
      applicationAuthorize = applicationForUser.get(i);
      relPersonApplication = new RelPersonApplication();
      relPersonApplication.setApplication(applicationAuthorize);
      relPersonApplication.setPerson(person);
      relPersonApplication.setToken(token);
      if (mapRelOld.get(applicationAuthorize.getId()) != null) {
        RelPersonApplication relOld = mapRelOld.get(applicationAuthorize.getId());
        relPersonApplication.setDateReleased(relOld.getDateReleased());
        relPersonApplication.setOauthAccessToken(relOld.getOauthAccessToken());
        relPersonApplication.setCustom(relOld.getCustom());
      } else {
        relPersonApplication.setCustom(false);
      }
      relPersonApplication.setValid(null);
      relPersonApplication.setLast(true);

      relPersonApplicationRepository.save(relPersonApplication);
    }

    String urlToRedirect = getLandingPageURL(request, ott);

    log.info(
        "REST OAUTH REDIRECT TO APP. listApp [{}], appId [{}], token [{}], urlRedirect [{}]",
        applicationForUser.size(),
        applicationAuthorize.getApplicationID(),
        ott,
        urlToRedirect);
    log.debug("REST OAUTH FINISH. token [{}], urlToRedirect [{}]", ott, urlToRedirect);

    response.sendRedirect(urlToRedirect);
    return;
  }