Examples with AccessToken org.glassfish.jersey.client.oauth1.AccessToken used on opensource projects

Example 71 with AccessToken

use of org.glassfish.jersey.client.oauth1.AccessToken in project java-docs-samples by GoogleCloudPlatform.

the class DownscopingExample method getTokenFromBroker.

/**
 * Simulates token broker generating downscoped tokens for specified bucket.
 */
// [START auth_downscoping_token_broker]
public static AccessToken getTokenFromBroker(String bucketName, String objectPrefix) throws IOException {
    // Retrieve the source credentials from ADC.
    GoogleCredentials sourceCredentials = GoogleCredentials.getApplicationDefault().createScoped("https://www.googleapis.com/auth/cloud-platform");
    // [START auth_downscoping_rules]
    // Initialize the Credential Access Boundary rules.
    String availableResource = "//storage.googleapis.com/projects/_/buckets/" + bucketName;
    // Downscoped credentials will have readonly access to the resource.
    String availablePermission = "inRole:roles/storage.objectViewer";
    // Only objects starting with the specified prefix string in the object name will be allowed
    // read access.
    String expression = "resource.name.startsWith('projects/_/buckets/" + bucketName + "/objects/" + objectPrefix + "')";
    // Build the AvailabilityCondition.
    CredentialAccessBoundary.AccessBoundaryRule.AvailabilityCondition availabilityCondition = CredentialAccessBoundary.AccessBoundaryRule.AvailabilityCondition.newBuilder().setExpression(expression).build();
    // Define the single access boundary rule using the above properties.
    CredentialAccessBoundary.AccessBoundaryRule rule = CredentialAccessBoundary.AccessBoundaryRule.newBuilder().setAvailableResource(availableResource).addAvailablePermission(availablePermission).setAvailabilityCondition(availabilityCondition).build();
    // Define the Credential Access Boundary with all the relevant rules.
    CredentialAccessBoundary credentialAccessBoundary = CredentialAccessBoundary.newBuilder().addRule(rule).build();
    // [END auth_downscoping_rules]
    // [START auth_downscoping_initialize_downscoped_cred]
    // Create the downscoped credentials.
    DownscopedCredentials downscopedCredentials = DownscopedCredentials.newBuilder().setSourceCredential(sourceCredentials).setCredentialAccessBoundary(credentialAccessBoundary).build();
    // Retrieve the token.
    // This will need to be passed to the Token Consumer.
    AccessToken accessToken = downscopedCredentials.refreshAccessToken();
    // [END auth_downscoping_initialize_downscoped_cred]
    return accessToken;
}

Example 72 with AccessToken

use of org.glassfish.jersey.client.oauth1.AccessToken in project java-docs-samples by GoogleCloudPlatform.

the class DownscopingExample method tokenConsumer.

// [END auth_downscoping_token_broker]
/**
 * Simulates token consumer readonly access to the specified object.
 */
// [START auth_downscoping_token_consumer]
public static void tokenConsumer(final String bucketName, final String objectName) throws IOException {
    // You can pass an `OAuth2RefreshHandler` to `OAuth2CredentialsWithRefresh` which will allow the
    // library to seamlessly handle downscoped token refreshes on expiration.
    OAuth2CredentialsWithRefresh.OAuth2RefreshHandler handler = new OAuth2CredentialsWithRefresh.OAuth2RefreshHandler() {

        @Override
        public AccessToken refreshAccessToken() throws IOException {
            // resources in the bucket is needed, this mechanism can be used.
            return getTokenFromBroker(bucketName, objectName.substring(0, 3));
        }
    };
    // Downscoped token retrieved from token broker.
    AccessToken downscopedToken = handler.refreshAccessToken();
    // Create the OAuth2CredentialsWithRefresh from the downscoped token and pass a refresh handler
    // which will handle token expiration.
    // This will allow the consumer to seamlessly obtain new downscoped tokens on demand every time
    // token expires.
    OAuth2CredentialsWithRefresh credentials = OAuth2CredentialsWithRefresh.newBuilder().setAccessToken(downscopedToken).setRefreshHandler(handler).build();
    // Use the credentials with the Cloud Storage SDK.
    StorageOptions options = StorageOptions.newBuilder().setCredentials(credentials).build();
    Storage storage = options.getService();
    // Call Cloud Storage APIs.
    Blob blob = storage.get(bucketName, objectName);
    String content = new String(blob.getContent());
    System.out.println("Retrieved object, " + objectName + ", from bucket," + bucketName + ", with content: " + content);
}

Example 73 with AccessToken

use of org.glassfish.jersey.client.oauth1.AccessToken in project java-docs-samples by GoogleCloudPlatform.

the class TraceSample method createAndRegisterWithToken.

// [END trace_setup_java_create_and_register]
// [START trace_setup_java_create_and_register_with_token]
public static void createAndRegisterWithToken(String accessToken) throws IOException {
    Date expirationTime = DateTime.now().plusSeconds(60).toDate();
    GoogleCredentials credentials = GoogleCredentials.create(new AccessToken(accessToken, expirationTime));
    StackdriverTraceExporter.createAndRegister(StackdriverTraceConfiguration.builder().setProjectId("MyStackdriverProjectId").setCredentials(credentials).build());
}

Example 74 with AccessToken

use of org.glassfish.jersey.client.oauth1.AccessToken in project google-auth-library-java by google.

the class AppEngineCredentials method refreshAccessToken.

/**
 * Refresh the access token by getting it from the App Identity service
 */
@Override
public AccessToken refreshAccessToken() throws IOException {
    if (createScopedRequired()) {
        throw new IOException("AppEngineCredentials requires createScoped call before use.");
    }
    GetAccessTokenResult accessTokenResponse = appIdentityService.getAccessToken(scopes);
    String accessToken = accessTokenResponse.getAccessToken();
    Date expirationTime = accessTokenResponse.getExpirationTime();
    return new AccessToken(accessToken, expirationTime);
}

Example 75 with AccessToken

use of org.glassfish.jersey.client.oauth1.AccessToken in project google-auth-library-java by google.

the class AppEngineCredentialsTest method refreshAccessToken_sameAs.

@Test
void refreshAccessToken_sameAs() throws IOException {
    String expectedAccessToken = "ExpectedAccessToken";
    MockAppIdentityService appIdentity = new MockAppIdentityService();
    appIdentity.setAccessTokenText(expectedAccessToken);
    appIdentity.setExpiration(new Date(System.currentTimeMillis() + 60L * 60L * 100L));
    AppEngineCredentials credentials = AppEngineCredentials.newBuilder().setScopes(SCOPES).setAppIdentityService(appIdentity).build();
    AccessToken accessToken = credentials.refreshAccessToken();
    assertEquals(appIdentity.getAccessTokenText(), accessToken.getTokenValue());
    assertEquals(appIdentity.getExpiration(), accessToken.getExpirationTime());
}