Package com.google.api.client.extensions.appengine.auth.oauth2 (1.37.0)

OAuth 2.0 utilities that help simplify the authorization flow on Google App Engine.

Classes

AbstractAppEngineAuthorizationCodeCallbackServlet

Simple extension of AbstractAuthorizationCodeCallbackServlet that uses the currently logged-in Google Account user, as directed in Security and Authentication.

Note that if there is no currently logged-in user, #getUserId(HttpServletRequest) will throw a NullPointerException. Example to require login for all pages:

<security-constraint> <web-resource-collection> <web-resource-name>any</web-resource-name> <url-pattern>/</url-pattern> </web-resource-collection> <auth-constraint> <role-name></role-name> </auth-constraint> </security-constraint>

Sample usage:

{@code public class ServletCallbackSample extends AbstractAppEngineAuthorizationCodeCallbackServlet {

@Override protected void onSuccess(HttpServletRequest req, HttpServletResponse resp, Credential credential) throws ServletException, IOException { resp.sendRedirect("/"); }

@Override protected void onError( HttpServletRequest req, HttpServletResponse resp, AuthorizationCodeResponseUrl errorResponse) throws ServletException, IOException { // handle error }

@Override protected String getRedirectUri(HttpServletRequest req) throws ServletException, IOException { GenericUrl url = new GenericUrl(req.getRequestURL().toString()); url.setRawPath("/oauth2callback"); return url.build(); }

@Override protected AuthorizationCodeFlow initializeFlow() throws IOException { return new AuthorizationCodeFlow.Builder(BearerToken.authorizationHeaderAccessMethod(), new UrlFetchTransport(), new GsonFactory(), new GenericUrl("https://server.example.com/token"), new BasicAuthentication("s6BhdRkqt3", "7Fjfp0ZBr1KtDRbnfVdmIw"), "s6BhdRkqt3", "https://server.example.com/authorize").setCredentialStore(new AppEngineCredentialStore()) .build(); } }

@since 1.7 @author Yaniv Inbar

AbstractAppEngineAuthorizationCodeServlet

Simple extension of AbstractAuthorizationCodeServlet that uses the currently logged-in Google Account user, as directed in Security and Authentication.

Note that if there is no currently logged-in user, #getUserId(HttpServletRequest) will throw a NullPointerException. Example to require login for all pages:

<security-constraint> <web-resource-collection> <web-resource-name>any</web-resource-name> <url-pattern>/</url-pattern> </web-resource-collection> <auth-constraint> <role-name></role-name> </auth-constraint> </security-constraint>

Sample usage:


 public class ServletSample extends AbstractAppEngineAuthorizationCodeServlet {

 @Override
 protected void doGet(HttpServletRequest request, HttpServletResponse response)
 throws IOException {
 // do stuff
 }

 @Override
 protected String getRedirectUri(HttpServletRequest req) throws ServletException, IOException {
 GenericUrl url = new GenericUrl(req.getRequestURL().toString());
 url.setRawPath("/oauth2callback");
 return url.build();
 }

 @Override
 protected AuthorizationCodeFlow initializeFlow() throws IOException {
 return new AuthorizationCodeFlow.Builder(BearerToken.authorizationHeaderAccessMethod(),
 new UrlFetchTransport(),
 new GsonFactory(),
 new GenericUrl("https://server.example.com/token"),
 new BasicAuthentication("s6BhdRkqt3", "7Fjfp0ZBr1KtDRbnfVdmIw"),
 "s6BhdRkqt3",
 "https://server.example.com/authorize").setCredentialStore(new AppEngineCredentialStore())
 .build();
 }
 }
 

AppEngineCredentialStore (deprecated)

Deprecated. (to be removed in the future) Use AppEngineDataStoreFactory with StoredCredential instead, optionally using #migrateTo(AppEngineDataStoreFactory) or #migrateTo(DataStore) to migrating an existing AppEngineCredentialStore.

Beta
Thread-safe Google App Engine implementation of a credential store that directly uses the App Engine Data Store API.