use of com.google.api.server.spi.auth.GoogleAuth.TokenInfo in project endpoints-java by cloudendpoints.
the class GoogleOAuth2Authenticator method authenticate.
@Override
public User authenticate(HttpServletRequest request) {
Attribute attr = Attribute.from(request);
if (attr.isEnabled(Attribute.SKIP_TOKEN_AUTH)) {
return null;
}
String token = GoogleAuth.getAuthToken(request);
if (!GoogleAuth.isOAuth2Token(token)) {
return null;
}
GoogleAuth.TokenInfo tokenInfo = getTokenInfoRemote(token);
if (tokenInfo == null) {
return null;
}
ApiMethodConfig config = (ApiMethodConfig) request.getAttribute(Attribute.API_METHOD_CONFIG);
// Check scopes.
if (Strings.isEmptyOrWhitespace(tokenInfo.scopes)) {
logger.warning("Access token does not contain a valid scope");
return null;
}
String[] authorizedScopes = tokenInfo.scopes.split("\\s+");
if (!config.getScopeExpression().isAuthorized(ImmutableSet.copyOf(authorizedScopes))) {
logger.warning("Access token does not contain sufficient scopes from: " + config.getScopeExpression());
return null;
}
// Check clientId.
if (attr.isEnabled(Attribute.ENABLE_CLIENT_ID_WHITELIST) && !GoogleAuth.checkClientId(tokenInfo.clientId, config.getClientIds(), true)) {
logger.warning("ClientId is not allowed: " + tokenInfo.clientId);
return null;
}
User user = new User(tokenInfo.userId, tokenInfo.email);
if (attr.isEnabled(Attribute.REQUIRE_APPENGINE_USER)) {
com.google.appengine.api.users.User appEngineUser = new com.google.appengine.api.users.User(tokenInfo.email, "");
logger.log(Level.INFO, "appEngineUser = {0}", appEngineUser);
request.setAttribute(Attribute.AUTHENTICATED_APPENGINE_USER, appEngineUser);
} else {
logger.log(Level.INFO, "user = {0}", user);
}
return user;
}
use of com.google.api.server.spi.auth.GoogleAuth.TokenInfo in project endpoints-java by cloudendpoints.
the class GoogleOAuth2AuthenticatorTest method createAuthenticator.
private GoogleOAuth2Authenticator createAuthenticator(final String email, final String clientId, final String scopes, final String userId) {
return new GoogleOAuth2Authenticator() {
@Override
TokenInfo getTokenInfoRemote(String token) {
if (email == null) {
return null;
}
TokenInfo info = new TokenInfo();
info.email = email;
info.clientId = clientId;
info.scopes = scopes;
info.userId = userId;
return info;
}
};
}
use of com.google.api.server.spi.auth.GoogleAuth.TokenInfo in project endpoints-java by cloudendpoints.
the class GoogleAuthTest method testParseTokenInfo_withEmail.
@Test
public void testParseTokenInfo_withEmail() throws Exception {
HttpRequest request = constructHttpRequest(SAMPLE_CONTENT_WITH_EMAIL);
TokenInfo info = GoogleAuth.parseTokenInfo(request);
assertEquals("123.apps.googleusercontent.com", info.clientId);
assertEquals("https://www.googleapis.com/auth/userinfo.email" + " https://www.googleapis.com/auth/xapi.zoo" + " https://www.googleapis.com/auth/plus.me", info.scopes);
assertEquals("1234567", info.userId);
assertEquals("dummy@gmail.com", info.email);
}
Aggregations