List of usage examples for com.google.api.client.googleapis.auth.oauth2 GoogleIdTokenVerifier verify
public GoogleIdToken verify(String idTokenString) throws GeneralSecurityException, IOException
From source file:com.tcc.servidor_tcc.api.LoginResource.java
@Path("/token") @POST//from w w w .java2 s .c o m @Consumes(MediaType.APPLICATION_FORM_URLENCODED) @Produces(MediaType.APPLICATION_JSON) public Response loginToken(@FormParam("tokenId") String tokenIdString) { System.out.println("Token:" + tokenIdString); GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier.Builder(transport, jsonFactory) .setAudience(Arrays.asList(CLIENT_ID)).setIssuer("https://accounts.google.com").build(); GoogleIdToken idToken = null; try { idToken = verifier.verify(tokenIdString); } catch (GeneralSecurityException ex) { Logger.getLogger(LoginResource.class.getName()).log(Level.SEVERE, null, ex); } catch (IOException ex) { Logger.getLogger(LoginResource.class.getName()).log(Level.SEVERE, null, ex); } if (idToken != null) { Payload payload = idToken.getPayload(); String userId = payload.getSubject(); System.out.println("User ID: " + userId); String email = payload.getEmail(); boolean emailVerified = payload.getEmailVerified(); String name = (String) payload.get("name"); String pictureUrl = (String) payload.get("picture"); String locale = (String) payload.get("locale"); String familyName = (String) payload.get("family_name"); String givenName = (String) payload.get("given_name"); ReviewerDAO dao = new ReviewerDAOjpa(); Optional<Reviewer> rev = dao.getOne(email); if (rev.isPresent()) { String clientToken = Token.createClientToken(email); return Response.ok().entity(clientToken).build(); } else { Reviewer reviewer = new Reviewer(); reviewer.setEmail(email); reviewer.setName(name); return Response.status(Response.Status.CREATED).entity(reviewer).build(); } } else { System.out.println("Invalid ID token."); return Response.status(Response.Status.UNAUTHORIZED).build(); } }
From source file:edu.cmu.cs.lti.discoursedb.api.browsing.controller.BrowsingRestController.java
License:Open Source License
@Deprecated @CrossOrigin(origins = "*", maxAge = 3600) @RequestMapping(value = "/tokensigningoogle_deprecated", method = RequestMethod.POST, headers = "content-type=application/x-www-form-urlencoded") public String processRegistration(@RequestParam("idtoken") String idTokenString) //, ModelMap model) throws GeneralSecurityException, IOException { logger.info("Doing tokensigningoogle"); GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier.Builder(new NetHttpTransport(), new GsonFactory()).setAudience(Arrays.asList(environment.getRequiredProperty("google.client_id"))) .setIssuer("accounts.google.com").build(); GoogleIdToken idToken = verifier.verify(idTokenString); if (idToken != null) { Payload payload = idToken.getPayload(); // Print user identifier String userId = payload.getSubject(); // Get profile information from payload String email = payload.getEmail(); logger.info("Logged in " + userId + " " + email); boolean emailVerified = Boolean.valueOf(payload.getEmailVerified()); //List<User> users = DbFunction.listHqlNew("FROM User WHERE email = :email", "email", email); if (!emailVerified) { //|| users.isEmpty()) { return "/error.html"; } else {// ww w . j ava 2 s . c om //List<String> roles = DbFunction.listSQLNew( // "SELECT role.name FROM user_role_association JOIN role ON role.id = role_id JOIN user on user.id = user_id WHERE user.email = :email", // "email", email); List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>(); //for (String role : roles) { // authorities.add(new SimpleGrantedAuthority(role)); //} authorities.add(new SimpleGrantedAuthority("USER_AUTH0RITY")); UserDetails userDetails = new org.springframework.security.core.userdetails.User(userId, "xxy", true, true, true, true, authorities); Authentication authentication = new UsernamePasswordAuthenticationToken(userId, null, userDetails.getAuthorities()); //UserDetails userDetails = new org.springframework.security.core.userdetails.User(users.get(0).getName(), // "xx", users.get(0).isEnabled(), true, true, true, authorities); //Authentication authentication = new UsernamePasswordAuthenticationToken(users.get(0).getName(), null, // userDetails.getAuthorities()); SecurityContextHolder.clearContext(); SecurityContextHolder.getContext().setAuthentication(authentication); httpSession.setAttribute("sch", userDetails); logger.info("first check " + httpSession.getAttribute("sch")); return "/browsing/databases"; } } else { System.out.println("Invalid ID token."); } return "/error.html"; }
From source file:function.IdTokenVerifierAndParser.java
public static GoogleIdToken.Payload getPayload(String tokenString) throws Exception { JacksonFactory jacksonFactory = new JacksonFactory(); GoogleIdTokenVerifier googleIdTokenVerifier = new GoogleIdTokenVerifier(new NetHttpTransport(), jacksonFactory);/*from w w w . j av a2 s .c o m*/ GoogleIdToken token = GoogleIdToken.parse(jacksonFactory, tokenString); if (googleIdTokenVerifier.verify(token)) { GoogleIdToken.Payload payload = token.getPayload(); if (!GOOGLE_CLIENT_ID.equals(payload.getAudience())) { throw new IllegalArgumentException("Audience mismatch"); } else if (!GOOGLE_CLIENT_ID.equals(payload.getAuthorizedParty())) { throw new IllegalArgumentException("Client ID mismatch"); } return payload; } else { throw new IllegalArgumentException("id token cannot be verified"); } }
From source file:io.sgr.social.signin.google.GoogleSignInService.java
License:Apache License
private static GoogleAccount parseGoogleAccountFromIdToken(String clientId, String idTokenString) { Preconditions.notEmptyString(clientId, "OAuth client ID should be provided."); Preconditions.notEmptyString(idTokenString, "IdToken should be provided."); GoogleIdTokenVerifier oldVerifier = new GoogleIdTokenVerifier.Builder(getDefaultHttpTransport(), getDefaultJsonFactory()).setAudience(Collections.singletonList(clientId)) // For Android Play Services older than 8.3 and web client .setIssuer("accounts.google.com").build(); GoogleIdTokenVerifier newVerifier = new GoogleIdTokenVerifier.Builder(getDefaultHttpTransport(), getDefaultJsonFactory()).setAudience(Collections.singletonList(clientId)) // For Android Play Services newer than 8.3 .setIssuer("https://accounts.google.com").build(); GoogleIdToken idToken;/*from w w w .j a v a2s. com*/ try { idToken = oldVerifier.verify(idTokenString); if (idToken == null) { idToken = newVerifier.verify(idTokenString); } } catch (Exception e) { LOGGER.error(e.getMessage(), e); return null; } if (idToken == null) { LOGGER.warn(String.format("Invalid or expired Google ID token: %s", idTokenString)); return null; } Payload payload = idToken.getPayload(); for (Entry<String, Object> entry : payload.entrySet()) { LOGGER.trace(String.format("%s=%s", entry.getKey(), entry.getValue())); } return idTokenPayloadToGoogleAccount(payload); }
From source file:lockServer.UserConnection.java
@Override public void run() { try (Scanner scanner = new Scanner(mSocket.getInputStream()); PrintWriter writer = new PrintWriter(mSocket.getOutputStream(), true)) { if (scanner.hasNextLine()) { String data = scanner.nextLine(); System.out.println("Received from app: " + data); writer.println("Received"); HttpTransport transport = new NetHttpTransport(); JsonFactory json = new JacksonFactory(); GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier.Builder(transport, json) .setAudience(Arrays.asList(SERVER_CLIENT_ID)).build(); GoogleIdToken idToken = verifier.verify(data); if (idToken != null) { Payload payload = idToken.getPayload(); System.out.println("User ID: " + payload.getSubject()); System.out.println("User email: " + (String) payload.get("email")); }//w ww . j av a2 s. c om } } catch (IOException ex) { System.out.println("User Socket IO Error: " + ex.getMessage()); } catch (GeneralSecurityException ex) { System.out.println("User Socket General Security Error: " + ex.getMessage()); } }
From source file:nu.t4.beans.APLManager.java
public GoogleIdToken.Payload googleAuth(String idTokenString) { //Varibler fr verifiering HttpTransport httpTransport;/*w w w.jav a 2 s .co m*/ JsonFactory jsonFactory; GoogleIdTokenVerifier verifier; try { jsonFactory = JacksonFactory.getDefaultInstance(); httpTransport = GoogleNetHttpTransport.newTrustedTransport(); verifier = new GoogleIdTokenVerifier.Builder(httpTransport, jsonFactory) .setAudience(Arrays.asList(CLIENT_ID)).build(); } catch (Exception e) { return null; } GoogleIdToken idToken; try { idToken = verifier.verify(idTokenString); } catch (Exception ex) { return null; } //idToken blir null ifall den r felaktig if (idToken != null) { //Ta ut datan vi behver frn det verifierade idTokenet return idToken.getPayload(); //if (payload.getHostedDomain().equals(APPS_DOMAIN_NAME)) { /* } else { return Response.status(Response.Status.FORBIDDEN).build(); }*/ } else { return null; } }
From source file:org.geocachingtools.geoui.OAuthServlet.java
License:Open Source License
/** * Processes requests for both HTTP <code>GET</code> and <code>POST</code> * methods.//from www .j av a 2 s.com * * @param request servlet request * @param response servlet response * @throws ServletException if a servlet-specific error occurs * @throws IOException if an I/O error occurs */ protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { try { // Set up the HTTP transport and JSON factory HttpTransport transport = GoogleNetHttpTransport.newTrustedTransport(); JsonFactory jsonFactory = JacksonFactory.getDefaultInstance(); GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier.Builder(transport, jsonFactory) .setAudience(Collections.singletonList(CLIENT_ID)).build(); // (Receive idTokenString by HTTPS POST) GoogleIdToken idToken = verifier.verify(request.getParameter("idtoken")); if (idToken != null) { Payload payload = idToken.getPayload(); // Print user identifier String userId = payload.getSubject(); System.out.println("User ID: " + userId); // Get profile information from payload String email = payload.getEmail(); boolean emailVerified = payload.getEmailVerified(); String name = (String) payload.get("name"); String pictureUrl = (String) payload.get("picture"); String locale = (String) payload.get("locale"); String familyName = (String) payload.get("family_name"); String givenName = (String) payload.get("given_name"); System.out.println(email); // Use or store profile information // ... } else { System.out.println("Invalid ID token."); } } catch (GeneralSecurityException ex) { Logger.getLogger(OAuthServlet.class.getName()).log(Level.SEVERE, null, ex); } }
From source file:org.openhmis.util.Authentication.java
License:Mozilla Public License
public static String resolveIdentity(String id_token) { String externalId;/*from ww w . ja va 2 s. c o m*/ try { // Verify that the token is a legitimate google token GoogleIdToken token = GoogleIdToken.parse(JSON_FACTORY, id_token); GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier(TRANSPORT, JSON_FACTORY); verifier.verify(token); // If we get here then this is a valid google item externalId = token.getPayload().getEmail(); } catch (IOException e) { log.debug("IOException authenticating with Google: " + e.toString()); externalId = null; } catch (GeneralSecurityException e) { log.debug("GeneralSecurityException authenticating with Google: " + e.toString()); externalId = null; } catch (IllegalArgumentException e) { log.debug("IllegalArgumentException authenticating with Google: " + e.toString()); externalId = null; } catch (Exception e) { log.debug("Unexpected exception authenticating with Google: " + e.toString()); externalId = null; } return externalId; }
From source file:org.railwaystations.api.resources.ProfileResource.java
private GoogleIdToken.Payload verifyGoogleIdToken(final String idTokenString) { final GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier.Builder(new ApacheHttpTransport(), JACKSON_FACTORY).setAudience(Collections.singletonList(googleClientId)).build(); final GoogleIdToken idToken; try {//ww w. j a va2s . c o m idToken = verifier.verify(idTokenString); } catch (final Exception e) { LOG.error("Unable to verify google idToken", e); return null; } if (idToken != null) { final GoogleIdToken.Payload payload = idToken.getPayload(); LOG.info("Google Login for {} with email {} (verified = {})", payload.get("name"), payload.getEmail(), payload.getEmailVerified()); return payload; } else { LOG.warn("Invalid ID token."); return null; } }
From source file:org.salvian.sonar.plugins.oauth2.provider.GoogleProvider.java
License:Apache License
@Override public GenericProfile validateTokenAndGetUser(Settings settings, OAuthJSONAccessTokenResponse tokenResponse) { try {//from w ww . j a v a 2s. c o m //TODO: use general method to validate Oauth2 token (instead of using 1 library per provider) HttpTransport transport = GoogleNetHttpTransport.newTrustedTransport(); JsonFactory jsonFactory = JacksonFactory.getDefaultInstance(); GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier.Builder(transport, jsonFactory) .setAudience(Collections.singletonList(settings.getString(OAuth2Client.PROPERTY_CLIENT_ID))) .build(); GoogleIdToken googleToken = verifier.verify(tokenResponse.getParam("id_token")); if (googleToken != null) { GoogleIdToken.Payload payload = googleToken.getPayload(); if (!payload.getHostedDomain().equals(PROPERTY_GOOGLE_HD)) { LOG.error("Use your " + PROPERTY_GOOGLE_HD + " google account to log in"); } GenericProfile googleProfile = new GenericProfile(); String email = payload.getEmail(); googleProfile.setEmail(email); googleProfile.setName(email.substring(0, email.indexOf("@"))); return googleProfile; } else { LOG.error("Nice try, but.. nope"); } } catch (Exception e) { LOG.error("You are not logged in"); } return null; }