OAuth 2.0 utilities that help simplify the authorization flow on Google App Engine.
Classes
AbstractAppEngineAuthorizationCodeCallbackServlet
Simple extension of AbstractAuthorizationCodeCallbackServlet that uses the currently logged-in Google Account user, as directed in Security and Authentication.
Note that if there is no currently logged-in user, #getUserId(HttpServletRequest) will throw a NullPointerException. Example to require login for all pages:
<security-constraint> <web-resource-collection> <web-resource-name>any</web-resource-name> <url-pattern>/</url-pattern> </web-resource-collection> <auth-constraint> <role-name></role-name> </auth-constraint> </security-constraint>
Sample usage:
{@code public class ServletCallbackSample extends AbstractAppEngineAuthorizationCodeCallbackServlet {
@Override protected void onSuccess(HttpServletRequest req, HttpServletResponse resp, Credential credential) throws ServletException, IOException { resp.sendRedirect("/"); }
@Override protected void onError( HttpServletRequest req, HttpServletResponse resp, AuthorizationCodeResponseUrl errorResponse) throws ServletException, IOException { // handle error }
@Override protected String getRedirectUri(HttpServletRequest req) throws ServletException, IOException { GenericUrl url = new GenericUrl(req.getRequestURL().toString()); url.setRawPath("/oauth2callback"); return url.build(); }
@Override protected AuthorizationCodeFlow initializeFlow() throws IOException { return new AuthorizationCodeFlow.Builder(BearerToken.authorizationHeaderAccessMethod(), new UrlFetchTransport(), new GsonFactory(), new GenericUrl("https://server.example.com/token"), new BasicAuthentication("s6BhdRkqt3", "7Fjfp0ZBr1KtDRbnfVdmIw"), "s6BhdRkqt3", "https://server.example.com/authorize").setCredentialStore(new AppEngineCredentialStore()) .build(); } }
@since 1.7 @author Yaniv Inbar
AbstractAppEngineAuthorizationCodeServlet
Simple extension of AbstractAuthorizationCodeServlet that uses the currently logged-in Google Account user, as directed in Security and Authentication.
Note that if there is no currently logged-in user, #getUserId(HttpServletRequest) will throw a NullPointerException. Example to require login for all pages:
<security-constraint> <web-resource-collection> <web-resource-name>any</web-resource-name> <url-pattern>/</url-pattern> </web-resource-collection> <auth-constraint> <role-name></role-name> </auth-constraint> </security-constraint>
Sample usage:
public class ServletSample extends AbstractAppEngineAuthorizationCodeServlet {
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws IOException {
// do stuff
}
@Override
protected String getRedirectUri(HttpServletRequest req) throws ServletException, IOException {
GenericUrl url = new GenericUrl(req.getRequestURL().toString());
url.setRawPath("/oauth2callback");
return url.build();
}
@Override
protected AuthorizationCodeFlow initializeFlow() throws IOException {
return new AuthorizationCodeFlow.Builder(BearerToken.authorizationHeaderAccessMethod(),
new UrlFetchTransport(),
new GsonFactory(),
new GenericUrl("https://server.example.com/token"),
new BasicAuthentication("s6BhdRkqt3", "7Fjfp0ZBr1KtDRbnfVdmIw"),
"s6BhdRkqt3",
"https://server.example.com/authorize").setCredentialStore(new AppEngineCredentialStore())
.build();
}
}
AppEngineCredentialStore (deprecated)
Deprecated. (to be removed in the future) Use AppEngineDataStoreFactory with StoredCredential instead, optionally using #migrateTo(AppEngineDataStoreFactory) or #migrateTo(DataStore) to migrating an existing AppEngineCredentialStore.
Beta
Thread-safe Google App Engine implementation of a credential store that directly uses the App
Engine Data Store API.