Example 1 with OAuthService
use of com.google.appengine.api.oauth.OAuthService in project java-docs-samples by GoogleCloudPlatform.
the class Oauth2Filter method doFilter.
// [START oauth2]
@Override
public void doFilter(final ServletRequest servletReq, final ServletResponse servletResp, final FilterChain chain) throws IOException, ServletException {
final String scope = "https://www.googleapis.com/auth/userinfo.email";
ImmutableSet<String> allowedClients = new ImmutableSet.Builder<String>().add("407408718192.apps.googleusercontent.com").add("755878275993-j4k7emq6rlupctce1c28enpcrr50vfo1.apps.googleusercontent.com").build();
HttpServletResponse resp = (HttpServletResponse) servletResp;
OAuthService oauth = OAuthServiceFactory.getOAuthService();
// Only check Oauth2 when in production, skip if run in development.
SystemProperty.Environment.Value env = environment.value();
if (env == SystemProperty.Environment.Value.Production) {
// APIs only work in Production
try {
String tokenAudience = oauth.getClientId(scope);
if (!allowedClients.contains(tokenAudience)) {
throw new OAuthRequestException("audience of token '" + tokenAudience + "' is not in allowed list " + allowedClients);
}
} catch (OAuthRequestException ex) {
// Not allowed
resp.sendError(HttpServletResponse.SC_NOT_FOUND);
return;
} catch (OAuthServiceFailureException ex) {
// some failure - reject
resp.sendError(HttpServletResponse.SC_NOT_FOUND);
context.log("oauth2 failure", ex);
return;
}
}
// continue processing
chain.doFilter(servletReq, servletResp);
}
Also used :
OAuthService(com.google.appengine.api.oauth.OAuthService)
OAuthRequestException(com.google.appengine.api.oauth.OAuthRequestException)
ImmutableSet(com.google.common.collect.ImmutableSet)
OAuthServiceFailureException(com.google.appengine.api.oauth.OAuthServiceFailureException)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
Example 2 with OAuthService
use of com.google.appengine.api.oauth.OAuthService in project java-docs-samples by GoogleCloudPlatform.
the class HelloServlet method doPost.
@Override
public void doPost(final HttpServletRequest req, final HttpServletResponse resp) throws IOException {
resp.setContentType("text/plain");
PrintWriter out = resp.getWriter();
final String scope = "https://www.googleapis.com/auth/userinfo.email";
OAuthService oauth = OAuthServiceFactory.getOAuthService();
User user = null;
try {
user = oauth.getCurrentUser(scope);
} catch (OAuthRequestException e) {
getServletContext().log("Oauth error", e);
out.print("auth error");
return;
}
out.print("Hello world, welcome to Oauth2: " + user.getEmail());
}
Also used :
OAuthService(com.google.appengine.api.oauth.OAuthService)
User(com.google.appengine.api.users.User)
OAuthRequestException(com.google.appengine.api.oauth.OAuthRequestException)
PrintWriter(java.io.PrintWriter)
Aggregations
OAuthRequestException (com.google.appengine.api.oauth.OAuthRequestException)2
OAuthService (com.google.appengine.api.oauth.OAuthService)2
OAuthServiceFailureException (com.google.appengine.api.oauth.OAuthServiceFailureException)1
User (com.google.appengine.api.users.User)1
ImmutableSet (com.google.common.collect.ImmutableSet)1
PrintWriter (java.io.PrintWriter)1
HttpServletResponse (javax.servlet.http.HttpServletResponse)1
