Answer by TheCoffeeCup for API method to validate Facebook OAuth token

In addition to all the other answers here:

1. This code:

   } else {    user = getUserFromDatabase(authToken);    if (user == null) {        user = registerUserInDatabase(authToken);        userPersonalisedWelcome = user.getPersonalisedWelcome;        response.setData(userPersonalisedWelcome);    } else {        response.setData(user.getPersonalisedWelcome);    }    return response;}

   has duplicate code. Though @Michele did an excellent job talking about separating into methods, keep in mind that duplicate code can always be reduced. In this case:

   } else {    user = getUserFromDatabase(authToken);    if (user == null) {        user = registerUserInDatabase(authToken);    }    userPersonalisedWelcome = user.getPersonalisedWelcome;    response.setData(userPersonalisedWelcome);    return response;}

   and can be further improved by removing redundant code to:

   } else {    user = getUserFromDatabase(authToken);    if (user == null) {        user = registerUserInDatabase(authToken);    }    response.setData(user.getPersonalisedWelcome);    return response;}

2. I don't think the other answers covered this, but here:

   try {    authToken = ServerFacebookHelper.getAuthToken(token);} catch (Exception e) {    response.setData("Exception occurred");    return response;}

   Never catch Exception. Always catch only the exceptions that is possible to be thrown. It should be:

   try {    authToken = ServerFacebookHelper.getAuthToken(token);} catch (SomeException | SomeOtherException e) { // Whatever exception can be thrown    response.setData("Exception occurred");    return response;}