Class AbstractAppEngineAuthorizationCodeServlet (1.36.0)

Simple extension of AbstractAuthorizationCodeServlet that uses the currently logged-in Google Account user, as directed in Security and Authentication. This uses the jakarta.servlet namespace.

Note that if there is no currently logged-in user, #getUserId(HttpServletRequest) will throw a NullPointerException. Example to require login for all pages:

<security-constraint> <web-resource-collection> <web-resource-name>any</web-resource-name> <url-pattern>/</url-pattern> </web-resource-collection> <auth-constraint> <role-name></role-name> </auth-constraint> </security-constraint>

Sample usage:

public class ServletSample extends AbstractAppEngineAuthorizationCodeServlet {

@Override protected void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException { // do stuff }

@Override protected String getRedirectUri(HttpServletRequest req) throws ServletException, IOException { GenericUrl url = new GenericUrl(req.getRequestURL().toString()); url.setRawPath("/oauth2callback"); return url.build(); }

@Override protected AuthorizationCodeFlow initializeFlow() throws IOException { return new AuthorizationCodeFlow.Builder(BearerToken.authorizationHeaderAccessMethod(), new UrlFetchTransport(), new GsonFactory(), new GenericUrl("https://server.example.com/token"), new BasicAuthentication("s6BhdRkqt3", "7Fjfp0ZBr1KtDRbnfVdmIw"), "s6BhdRkqt3", "https://server.example.com/authorize").setCredentialStore(new AppEngineCredentialStore()) .build(); } }

Returns the user ID for the given HTTP servlet request. This identifies your application's user and is used to fetch persisted credentials for that user. Most commonly, this will be a user id stored in the session or even the session id itself.