List of usage examples for com.google.api.client.googleapis.auth.oauth2 GoogleIdToken getPayload
@Override
public Payload getPayload()
From source file:org.n52.v3d.terraintools.auth.ConnectServlet.java
License:Open Source License
@Override protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("application/json"); // Only connect a user that is not already connected. String tokenData = (String) request.getSession().getAttribute("token"); if (tokenData != null) { response.setStatus(HttpServletResponse.SC_OK); System.out.println("Current user is already connected"); response.getWriter().print(GSON.toJson("Current user is already connected.")); DriveSample.init(tokenData);//from www. jav a 2 s .c om return; } // Normally the state would be a one-time use token, however in our // simple case, we want a user to be able to connect and disconnect // without reloading the page. Thus, for demonstration, we don't // implement this best practice. //request.getSession().removeAttribute("state"); ByteArrayOutputStream resultStream = new ByteArrayOutputStream(); getContent(request.getInputStream(), resultStream); String code = new String(resultStream.toByteArray(), "UTF-8"); try { // Upgrade the authorization code into an access and refresh token. GoogleTokenResponse tokenResponse = new GoogleAuthorizationCodeTokenRequest(TRANSPORT, JSON_FACTORY, CLIENT_ID, CLIENT_SECRET, code, "postmessage").execute(); // You can read the Google user ID in the ID token. // This sample does not use the user ID. GoogleIdToken idToken = tokenResponse.parseIdToken(); String gplusId = idToken.getPayload().getSubject(); // Store the token in the session for later use. request.getSession().setAttribute("token", tokenResponse.toString()); response.setStatus(HttpServletResponse.SC_OK); response.getWriter().print(GSON.toJson("Successfully connected user.")); tokenData = (String) request.getSession().getAttribute("token"); DriveSample.init(tokenData); } catch (TokenResponseException e) { response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); response.getWriter().print(GSON.toJson("Failed to upgrade the authorization code.")); } catch (IOException e) { response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); response.getWriter().print(GSON.toJson("Failed to read token data from Google. " + e.getMessage())); } }
From source file:org.onehippo.forge.googleauth.repository.GoogleSignInUserManager.java
License:Apache License
private boolean verifyToken(String googleIdToken) throws RepositoryException { log.debug("Authenticating with Google OAuth2"); if (gVerifier == null) { NetHttpTransport transport = new NetHttpTransport(); final JsonFactory jsonFactory = new GsonFactory(); gVerifier = new GoogleIdTokenVerifier.Builder(transport, jsonFactory).build(); }/* ww w . ja va2 s.com*/ try { final GoogleIdToken token = gVerifier.verify(googleIdToken); final GoogleIdToken.Payload payload = token.getPayload(); log.debug("Hosted domain: {}\nSubject: {}\nEmail:{}", payload.getHostedDomain(), payload.getSubject(), payload.getEmail()); return true; } catch (GeneralSecurityException | IOException e) { log.error("Invalid Google SignIn token", e); } return false; }
From source file:org.openhmis.util.Authentication.java
License:Mozilla Public License
public static String resolveIdentity(String id_token) { String externalId;//from ww w . j a v a 2 s . c o m try { // Verify that the token is a legitimate google token GoogleIdToken token = GoogleIdToken.parse(JSON_FACTORY, id_token); GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier(TRANSPORT, JSON_FACTORY); verifier.verify(token); // If we get here then this is a valid google item externalId = token.getPayload().getEmail(); } catch (IOException e) { log.debug("IOException authenticating with Google: " + e.toString()); externalId = null; } catch (GeneralSecurityException e) { log.debug("GeneralSecurityException authenticating with Google: " + e.toString()); externalId = null; } catch (IllegalArgumentException e) { log.debug("IllegalArgumentException authenticating with Google: " + e.toString()); externalId = null; } catch (Exception e) { log.debug("Unexpected exception authenticating with Google: " + e.toString()); externalId = null; } return externalId; }
From source file:org.opensocial.explorer.server.login.GoogleLoginServlet.java
License:Apache License
@Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { try {//w ww . j av a 2 s . c o m String[] paths = getPaths(req); if (paths.length == 0) { resp.sendError(HttpServletResponse.SC_NOT_FOUND, "Path must be one of \"googleLogin/popup\" or \"googleLogin/token\""); return; } // Redirect to Google Login for authentication. if ("popup".equals(paths[0])) { String destination = "https://accounts.google.com/o/oauth2/auth" + "?redirect_uri=" + this.redirectUri + "&client_id=" + this.clientId + "&response_type=code" + "&scope=https://www.googleapis.com/auth/userinfo.profile" + "&approval_prompt=force"; resp.sendRedirect(destination); } // Callback from Google Servers after user has accepted or declined access. if ("token".equals(paths[0])) { // If user clicked 'Decline', close the popup. if (req.getParameter("error") != null) { this.closePopup(resp); // Else, we verify the response from Google, obtain the user's ID, and generate a security token to OSE. } else { Preconditions.checkNotNull(clientId); Preconditions.checkNotNull(clientSecret); Preconditions.checkNotNull(redirectUri); HttpRequest googleRequest = this.constructGooglePostRequest(req); HttpResponse googleResponse = fetcher.fetch(googleRequest); JSONObject responseJSON = this.parseResponseToJson(googleResponse); if (responseJSON.has("error")) { throw new IllegalStateException(); } String idToken = responseJSON.getString("id_token"); GoogleIdToken userIdToken = GoogleIdToken.parse(new JacksonFactory(), idToken); GoogleIdToken.Payload googlePayload = userIdToken.getPayload(); String userId = googlePayload.getSubject(); if (googlePayload.getIssuer().equals("accounts.google.com") && googlePayload.getAudience().equals(this.clientId)) { this.returnSecurityToken(userId, resp); } else { resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Invalid response token"); } } } } catch (GadgetException e) { resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Error making POST request."); } catch (JSONException e) { resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Error parsing JSON response."); } catch (SecurityTokenException e) { resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Error generating security token."); } catch (NullPointerException e) { resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Missing app client metadata."); } catch (IllegalStateException e) { resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Error making token request due to an invalid client id or secret. Please double check the credentials."); } }
From source file:org.orcsun.sunspace.third.GoogleAPI.java
License:Open Source License
/** * Upgrade given auth code to token, and store it in the session. POST body * of request should be the authorization code. Example URI: * /connect?state=...&gplus_id=...// ww w.java2 s . com * @throws Exception */ @RequestMapping(value = "/oauth2callback", method = RequestMethod.GET) protected String validateToken(HttpServletRequest request, HttpServletRequest response, Model model) throws Exception { String error = request.getParameter("error"); if (error != null) {//wrong logger.error(error); model.addAttribute("msg", error); return "redirect:/user/redirectLogin"; } else { String code = request.getParameter("code"); logger.info("==========code" + code); String original_state = (String) request.getSession().getAttribute("state"); String state = request.getParameter("state"); if (code != null && state.equals(original_state)) {//request access token GoogleTokenResponse tokenResponse = new GoogleAuthorizationCodeTokenRequest(TRANSPORT, JSON_FACTORY, SunConstants.GOOGLE_API_CLIENT_ID, SunConstants.GOOGLE_API_CLIENT_SECRET, code, SunConstants.AUTH_REDIRECT_URL_GOOGLE).execute(); GoogleIdToken idToken = tokenResponse.parseIdToken(); String gplusId = idToken.getPayload().getSubject(); String email = idToken.getPayload().getEmail(); if (email == null) return "redirect:/user/redirectLogin"; else { logger.info("gplusid:" + gplusId); logger.info("email:" + email); User user = userDao.findUserByEmail(email); if (user == null) { user = new User(); user.setName("GoogleUser"); user.setOpenid(gplusId); user.setEmail(email); user.setPasswd(tokenResponse.toString()); long uid = userDao.addUser(user); user.setUid(uid); } // Store the token in the session for later use. request.getSession().setAttribute("token", tokenResponse.toString()); //get user profile GoogleCredential credential = new GoogleCredential.Builder().setJsonFactory(JSON_FACTORY) .setTransport(TRANSPORT) .setClientSecrets(SunConstants.GOOGLE_API_CLIENT_ID, SunConstants.GOOGLE_API_CLIENT_SECRET) .build().setFromTokenResponse( JSON_FACTORY.fromString(tokenResponse.toString(), GoogleTokenResponse.class)); // Create a new authorized API client. Plus service = new Plus.Builder(TRANSPORT, JSON_FACTORY, credential) .setApplicationName(APPLICATION_NAME).build(); // Get a list of people that this user has shared with this app. Person person = service.people().get("me").execute(); user.setPhoto1(person.getImage().getUrl()); user.setName(person.getDisplayName()); user.setPhoto2(person.getCover().getCoverPhoto().getUrl()); request.getSession().setAttribute("user", user); } } return "redirect:/user/admin"; } }
From source file:org.railwaystations.api.resources.ProfileResource.java
private GoogleIdToken.Payload verifyGoogleIdToken(final String idTokenString) { final GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier.Builder(new ApacheHttpTransport(), JACKSON_FACTORY).setAudience(Collections.singletonList(googleClientId)).build(); final GoogleIdToken idToken; try {/* w w w . ja va 2 s .c o m*/ idToken = verifier.verify(idTokenString); } catch (final Exception e) { LOG.error("Unable to verify google idToken", e); return null; } if (idToken != null) { final GoogleIdToken.Payload payload = idToken.getPayload(); LOG.info("Google Login for {} with email {} (verified = {})", payload.get("name"), payload.getEmail(), payload.getEmailVerified()); return payload; } else { LOG.warn("Invalid ID token."); return null; } }
From source file:org.salvian.sonar.plugins.oauth2.provider.GoogleProvider.java
License:Apache License
@Override public GenericProfile validateTokenAndGetUser(Settings settings, OAuthJSONAccessTokenResponse tokenResponse) { try {//from w ww.j a v a2 s. c om //TODO: use general method to validate Oauth2 token (instead of using 1 library per provider) HttpTransport transport = GoogleNetHttpTransport.newTrustedTransport(); JsonFactory jsonFactory = JacksonFactory.getDefaultInstance(); GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier.Builder(transport, jsonFactory) .setAudience(Collections.singletonList(settings.getString(OAuth2Client.PROPERTY_CLIENT_ID))) .build(); GoogleIdToken googleToken = verifier.verify(tokenResponse.getParam("id_token")); if (googleToken != null) { GoogleIdToken.Payload payload = googleToken.getPayload(); if (!payload.getHostedDomain().equals(PROPERTY_GOOGLE_HD)) { LOG.error("Use your " + PROPERTY_GOOGLE_HD + " google account to log in"); } GenericProfile googleProfile = new GenericProfile(); String email = payload.getEmail(); googleProfile.setEmail(email); googleProfile.setName(email.substring(0, email.indexOf("@"))); return googleProfile; } else { LOG.error("Nice try, but.. nope"); } } catch (Exception e) { LOG.error("You are not logged in"); } return null; }
From source file:servicios.GestorUsuario.java
public static String loginGoogle(HttpServletRequest request) { String result = "Error: login invalido"; Usuario usuario = null;//from www. ja v a 2s .com //Mirar primero si esta ya logeado desde esa sesion HttpSession sesion = request.getSession(); boolean logged = (Boolean.valueOf((String) sesion.getAttribute("logged"))); if (logged) { //TODO GESTIONAR MULTIPLES LOGINS, PROBABLEMENTE HAYA QUE TENER UNA LISTA CON LOS USUARIOS LOGEADOS, O SE PERMITE LOGIN DESDE MULTIPLES DISPOSITIVOS? result = "Error: ya logeado"; } else { String idTokenString = request.getParameter("id_token"); NetHttpTransport transport = new NetHttpTransport(); GsonFactory jsonFactory = new GsonFactory(); if (idTokenString != null && !idTokenString.equals("")) { GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier.Builder(transport, jsonFactory) .setAudience(Arrays.asList(SERVER_CLIENT_ID)).setIssuer("https://accounts.google.com") .build(); try { GoogleIdToken idToken = verifier.verify(idTokenString); if (idToken != null) { Payload payload = idToken.getPayload(); String email = payload.getEmail(); UsuarioDAO dao = new UsuarioDAO(); if (dao.existsUsuario(email)) { usuario = dao.findUsuarioByEmail(email); } } if (usuario != null) { sesion.setAttribute("logged", true); sesion.setAttribute("usuario", usuario); System.out.println("El usuario " + usuario.getEmail() + " ha iniciado sesin"); //Generar y devolver el estado inicial del usuario EstadoLogin estado = generarEstado(usuario, request.getServletContext()); Gson gson = new Gson(); result = gson.toJson(estado); Logger.getLogger(GestorUsuario.class.getName()).log(Level.INFO, "El resultado es: " + result); System.out.println("El estado del usuario " + usuario.getEmail() + " es " + result); return result; } } catch (IOException | GeneralSecurityException ex) { Logger.getLogger(GestorUsuario.class.getName()).log(Level.SEVERE, null, ex); } catch (SQLException ex) { Logger.getLogger(GestorUsuario.class.getName()).log(Level.SEVERE, null, ex); } catch (ClassNotFoundException ex) { Logger.getLogger(GestorUsuario.class.getName()).log(Level.SEVERE, null, ex); } } } return result; }
From source file:servicios.GestorUsuario.java
public static String registrarGoogle(HttpServletRequest request) { String result = "Error en registro"; Usuario usuario = null;//from w w w.j ava2 s . c om String idTokenString = request.getParameter("id_token"); NetHttpTransport transport = new NetHttpTransport(); GsonFactory jsonFactory = new GsonFactory(); if (idTokenString != null && !idTokenString.equals("")) { GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier.Builder(transport, jsonFactory) .setAudience(Arrays.asList(SERVER_CLIENT_ID)).setIssuer("https://accounts.google.com").build(); try { GoogleIdToken idToken = verifier.verify(idTokenString); if (idToken != null) { Payload payload = idToken.getPayload(); String email = payload.getEmail(); String nombre = (String) payload.get("given_name"); String apellidos = (String) payload.get("family_name"); usuario = new Usuario(email, nombre, apellidos); UsuarioDAO dao = new UsuarioDAO(); if (dao.existsUsuario(email)) { Exception e = new UserAlreadyExistsException(email); result = e.toString(); System.out.println(result); } else { dao.addUsuario(usuario); HttpSession sesion = request.getSession(); sesion.setAttribute("logged", true); sesion.setAttribute("usuario", usuario); System.out.println("El usuario " + usuario.getEmail() + " ha iniciado sesin"); //Generar y devolver el estado inicial del usuario EstadoLogin estado = generarEstado(usuario, request.getServletContext()); Gson gson = new Gson(); result = gson.toJson(estado); //Logger.getLogger(GestorUsuario.class.getName()).log(Level.INFO, "El resultado es: " + result); System.out.println("El estado del usuario " + usuario.getEmail() + " es " + result); return result; } } } catch (IOException | GeneralSecurityException ex) { Logger.getLogger(GestorUsuario.class.getName()).log(Level.SEVERE, null, ex); } catch (SQLException ex) { Logger.getLogger(GestorUsuario.class.getName()).log(Level.SEVERE, null, ex); } catch (ClassNotFoundException ex) { Logger.getLogger(GestorUsuario.class.getName()).log(Level.SEVERE, null, ex); } } return result; }
From source file:servlet.Signin.java
public String processToken(String idTokenString, HttpServletRequest request, HttpServletResponse response) { //idTokenString = "eyJhbGciOiJSUzI1NiIsImtpZCI6IjlmYjk4ZGY3NDg2ZTJjNTg4NjdjNzA0ODVmODM1MDMzNGQxMmQ5NzcifQ.eyJpc3MiOiJhY2NvdW50cy5nb29nbGUuY29tIiwiaWF0IjoxNDc3NjM1MzY0LCJleHAiOjE0Nzc2Mzg5NjQsImF0X2hhc2giOiI5YUk5R09jT1diWldXeTh6Ui1jR2VBIiwiYXVkIjoiMTA2NzMwNzIzNDY5NS1wc3FtNXBlc2dsMHRtZmMwY2MxN3NnZWtqY2dhb2RuMC5hcHBzLmdvb2dsZXVzZXJjb250ZW50LmNvbSIsInN1YiI6IjEwOTMyNDIwODIyMzAxNjExODQ4MyIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJhenAiOiIxMDY3MzA3MjM0Njk1LXBzcW01cGVzZ2wwdG1mYzBjYzE3c2dla2pjZ2FvZG4wLmFwcHMuZ29vZ2xldXNlcmNvbnRlbnQuY29tIiwiaGQiOiJzdHVkZW50LnVuaW1lbGIuZWR1LmF1IiwiZW1haWwiOiJwa2h1bXJpbkBzdHVkZW50LnVuaW1lbGIuZWR1LmF1IiwibmFtZSI6IlBpeWFwb25nIEtodW1yaW4iLCJwaWN0dXJlIjoiaHR0cHM6Ly9saDUuZ29vZ2xldXNlcmNvbnRlbnQuY29tLy04NEtHWHVqWWpUay9BQUFBQUFBQUFBSS9BQUFBQUFBQUFBQS9BS1RhZUs5dnFtcWtlU05RTEpDNEF0a0NfUHBwdWNrUDdBL3M5Ni1jL3Bob3RvLmpwZyIsImdpdmVuX25hbWUiOiJQaXlhcG9uZyIsImZhbWlseV9uYW1lIjoiS2h1bXJpbiIsImxvY2FsZSI6ImVuIn0.4ETXNLS7KnwkyNgBZEH9Y-G1fE8dsH7rN1sTeCXbtLXfIgVsgZAXoQW2z8ZZd-cgkFu19U2NB9CueEQocjxpev0JmLUW8RuNLvn08rHn1oczeeaAs9z4KjVvhlVYIR7cjKS_90M2Ufr0FYRVA61b9IJwsUvUk2CMLI9W6F0xthPVgTaNMnLesFHBqBoJc6SHA0sVsStGkW2kWLDrchdM-tJhretZoEtpk_Yzd_pjG113NlU9xddd08huaG8dAShlRIOuRw1mKf6WUZQ7LT4-gOSK5nFa8NMUZDEWdf3WJm9NX6CVyDEVag6d65FRvw9vZ65U6m5PAFAkZtSgJX19zA"; String returnVal = ""; NetHttpTransport transport = new NetHttpTransport(); GsonFactory jsonFactory = new GsonFactory(); if (idTokenString != null && !idTokenString.equals("")) { GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier.Builder(transport, jsonFactory) .setAudience(Arrays .asList("1067307234695-psqm5pesgl0tmfc0cc17sgekjcgaodn0.apps.googleusercontent.com")) // To learn about getting a Server Client ID, see this link // https://developers.google.com/identity/sign-in/android/start // And follow step 4 // If you retrieved the token on Android using the Play Services 8.3 API or newer, set // the issuer to "https://accounts.google.com". Otherwise, set the issuer to // "accounts.google.com". If you need to verify tokens from multiple sources, build // a GoogleIdTokenVerifier for each issuer and try them both. .setIssuer("accounts.google.com").build(); try {/* ww w. j a v a 2 s. c o m*/ GoogleIdToken idToken = verifier.verify(idTokenString); if (idToken != null) { Payload payload = idToken.getPayload(); //userid String userid = payload.getSubject(); //returnVal = "match"; request.getSession().setAttribute("userid", userid); Database db = new Database(); //db.getConnection111(); db.init(); SimpleDateFormat df = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss"); String sessionid = df.format(new Date()); request.getSession().setAttribute("sessionid", sessionid); db.login("login", request.getSession().getAttribute("userid").toString(), request.getSession().getAttribute("sessionid").toString()); boolean firstvisit = db.checkYearlevelrecord(userid); if (firstvisit) { returnVal = "firstvisit"; } else { returnVal = "visited"; } // You can also access the following properties of the payload in order // for other attributes of the user. Note that these fields are only // available if the user has granted the 'profile' and 'email' OAuth // scopes when requested. // String email = payload.getEmail(); // boolean emailVerified = Boolean.valueOf(payload.getEmailVerified()); // String name = (String) payload.get("name"); // String pictureUrl = (String) payload.get("picture"); // String locale = (String) payload.get("locale"); // String familyName = (String) payload.get("family_name"); // String givenName = (String) payload.get("given_name"); //for scoring at the end //request.getSession().setAttribute("hxin", 0); //request.getSession().setAttribute("pein", 0); //request.getSession().setAttribute("labin", 0); } else { //return false; returnVal = "Invalid ID token."; } } catch (Exception ex) { //return false; returnVal = ex.getMessage(); } } else { //return false; returnVal = "Bad Token Passed In"; } return returnVal; }