Search in sources :

Example 1 with TokenInfo

use of com.google.api.server.spi.auth.GoogleAuth.TokenInfo in project endpoints-java by cloudendpoints.

the class GoogleOAuth2Authenticator method authenticate.

@Override
public User authenticate(HttpServletRequest request) {
    Attribute attr = Attribute.from(request);
    if (attr.isEnabled(Attribute.SKIP_TOKEN_AUTH)) {
        return null;
    }
    String token = GoogleAuth.getAuthToken(request);
    if (!GoogleAuth.isOAuth2Token(token)) {
        return null;
    }
    GoogleAuth.TokenInfo tokenInfo = getTokenInfoRemote(token);
    if (tokenInfo == null) {
        return null;
    }
    ApiMethodConfig config = (ApiMethodConfig) request.getAttribute(Attribute.API_METHOD_CONFIG);
    // Check scopes.
    if (Strings.isEmptyOrWhitespace(tokenInfo.scopes)) {
        logger.warning("Access token does not contain a valid scope");
        return null;
    }
    String[] authorizedScopes = tokenInfo.scopes.split("\\s+");
    if (!config.getScopeExpression().isAuthorized(ImmutableSet.copyOf(authorizedScopes))) {
        logger.warning("Access token does not contain sufficient scopes from: " + config.getScopeExpression());
        return null;
    }
    // Check clientId.
    if (attr.isEnabled(Attribute.ENABLE_CLIENT_ID_WHITELIST) && !GoogleAuth.checkClientId(tokenInfo.clientId, config.getClientIds(), true)) {
        logger.warning("ClientId is not allowed: " + tokenInfo.clientId);
        return null;
    }
    User user = new User(tokenInfo.userId, tokenInfo.email);
    if (attr.isEnabled(Attribute.REQUIRE_APPENGINE_USER)) {
        com.google.appengine.api.users.User appEngineUser = new com.google.appengine.api.users.User(tokenInfo.email, "");
        logger.log(Level.INFO, "appEngineUser = {0}", appEngineUser);
        request.setAttribute(Attribute.AUTHENTICATED_APPENGINE_USER, appEngineUser);
    } else {
        logger.log(Level.INFO, "user = {0}", user);
    }
    return user;
}
Also used : User(com.google.api.server.spi.auth.common.User) TokenInfo(com.google.api.server.spi.auth.GoogleAuth.TokenInfo) Attribute(com.google.api.server.spi.request.Attribute) ApiMethodConfig(com.google.api.server.spi.config.model.ApiMethodConfig)

Example 2 with TokenInfo

use of com.google.api.server.spi.auth.GoogleAuth.TokenInfo in project endpoints-java by cloudendpoints.

the class GoogleOAuth2AuthenticatorTest method createAuthenticator.

private GoogleOAuth2Authenticator createAuthenticator(final String email, final String clientId, final String scopes, final String userId) {
    return new GoogleOAuth2Authenticator() {

        @Override
        TokenInfo getTokenInfoRemote(String token) {
            if (email == null) {
                return null;
            }
            TokenInfo info = new TokenInfo();
            info.email = email;
            info.clientId = clientId;
            info.scopes = scopes;
            info.userId = userId;
            return info;
        }
    };
}
Also used : TokenInfo(com.google.api.server.spi.auth.GoogleAuth.TokenInfo)

Example 3 with TokenInfo

use of com.google.api.server.spi.auth.GoogleAuth.TokenInfo in project endpoints-java by cloudendpoints.

the class GoogleAuthTest method testParseTokenInfo_withEmail.

@Test
public void testParseTokenInfo_withEmail() throws Exception {
    HttpRequest request = constructHttpRequest(SAMPLE_CONTENT_WITH_EMAIL);
    TokenInfo info = GoogleAuth.parseTokenInfo(request);
    assertEquals("123.apps.googleusercontent.com", info.clientId);
    assertEquals("https://www.googleapis.com/auth/userinfo.email" + " https://www.googleapis.com/auth/xapi.zoo" + " https://www.googleapis.com/auth/plus.me", info.scopes);
    assertEquals("1234567", info.userId);
    assertEquals("dummy@gmail.com", info.email);
}
Also used : LowLevelHttpRequest(com.google.api.client.http.LowLevelHttpRequest) HttpRequest(com.google.api.client.http.HttpRequest) MockLowLevelHttpRequest(com.google.api.client.testing.http.MockLowLevelHttpRequest) TokenInfo(com.google.api.server.spi.auth.GoogleAuth.TokenInfo) Test(org.junit.Test)

Aggregations

TokenInfo (com.google.api.server.spi.auth.GoogleAuth.TokenInfo)3 HttpRequest (com.google.api.client.http.HttpRequest)1 LowLevelHttpRequest (com.google.api.client.http.LowLevelHttpRequest)1 MockLowLevelHttpRequest (com.google.api.client.testing.http.MockLowLevelHttpRequest)1 User (com.google.api.server.spi.auth.common.User)1 ApiMethodConfig (com.google.api.server.spi.config.model.ApiMethodConfig)1 Attribute (com.google.api.server.spi.request.Attribute)1 Test (org.junit.Test)1