com.google.appengine.api.oauth.OAuthRequestException Java Examples

/**
 * GET for getting one endorsement.
 *
 * @throws InternalServerErrorException in case something goes wrong
 * @throws OAuthRequestException in case of authentication problem
 * @throws NotFoundException in case the information are not founded
 * @throws BadRequestException in case a request with problem were made.
 */
@Override
public Response getEndorsementsByTech(String techId, User user)
    throws InternalServerErrorException, BadRequestException, NotFoundException,
    OAuthRequestException {
  final List<Endorsement> endorsementsByTech = endorsementDao.findAllActivesByTechnology(techId);
  final List<EndorsementsGroupedByEndorsedTransient> grouped =
      groupEndorsementByEndorsed(endorsementsByTech, techId);
  final Technology technology = techService.getTechnologyById(techId, user);

  techService.updateEdorsedsCounter(technology, grouped.size());

  groupUsersWithSkill(grouped, technology);

  Collections.sort(grouped, new EndorsementsGroupedByEndorsedTransient());
  final ShowEndorsementsResponse response = new ShowEndorsementsResponse();
  response.setEndorsements(grouped);
  return response;
}
 

/**
 * Register a device to the backend
 *
 * @param regId The Google Cloud Messaging registration Id to add
 */
@ApiMethod(name = "register")
public void registerDevice(@Named("regId") String regId, User user) throws OAuthRequestException {
    if(user == null){
        throw new OAuthRequestException("Not authorized");
    }
    final String userId = PresenterRecord.getUserId(user.getEmail());
    log.info("Registration for userId: " + userId);
    PresenterRecord record = ofy().load().
            key(Key.create(PresenterRecord.class, userId)).now();
    if(record == null){
        log.info("Record not found for userId '" + userId + "'. Adding new record");
        record = new PresenterRecord();
        record.setUserId(userId);
    }
    if (record.getRegIds().contains(regId)) {
        log.info("Device " + regId + " already registered, skipping register");
    }
    else {
        record.addRegistrationId(regId);
    }
    record.updateTime();
    ofy().save().entity(record).now();
}
 

@ApiMethod(name = "getSignRequest", path="get/sign")
public List<String> getSignRequest(User user) throws OAuthRequestException {
  if (user == null) {
    throw new OAuthRequestException("User is not authenticated");
  }

  PublicKeyCredentialRequestOptions assertion =
      new PublicKeyCredentialRequestOptions(Constants.APP_ID);
  SessionData session = new SessionData(assertion.challenge, Constants.APP_ID);
  session.save(user.getEmail());

  assertion.populateAllowList(user.getEmail());
  JsonObject assertionJson = assertion.getJsonObject();
  JsonObject sessionJson = session.getJsonObject();
  assertionJson.add("session", sessionJson);

  List<String> resultList = new ArrayList<String>();
  resultList.add(assertionJson.toString());
  return resultList;
}
 

@ApiMethod(name = "getRegistrationRequest", path="get/register")
public List<String> getRegistrationRequest(User user) throws OAuthRequestException {
  if (user == null) {
    throw new OAuthRequestException("User is not authenticated");
  }

  PublicKeyCredentialCreationOptions options = new PublicKeyCredentialCreationOptions(
      user.getNickname() /* userName */, user.getEmail() /* userId */,
      Constants.APP_ID /* rpId */, Constants.APP_ID /* rpName */);
  SessionData session = new SessionData(options.challenge, Constants.APP_ID);
  session.save(user.getEmail());
  JsonObject sessionJson = session.getJsonObject();
  JsonObject optionsJson = options.getJsonObject();
  optionsJson.add("session", sessionJson);

  List<String> resultList = new ArrayList<String>();
  resultList.add(optionsJson.toString());
  return resultList;
}
 

@Override
public User authenticate(HttpServletRequest req) {
    OAuthService authService = OAuthServiceFactory.getOAuthService();
    com.google.appengine.api.users.User currentUser;

    try {
      currentUser = authService.getCurrentUser(Constants.EMAIL_SCOPE);
      // Check current user..
      if(currentUser != null) {
        String email = currentUser.getEmail();
        // Check domain..
        if(isValidDomain(email) || isWhiteList(email)) {
          return new User(currentUser.getUserId(), currentUser.getEmail());
        }
      }
      throw new RestrictedDomainException(i18n.t("Authorization error"));
    }
    catch(OAuthRequestException  e) {
      log.log(Level.WARNING, "Error when trying to authenticate. Message: " + e.getMessage(), e);
      return null;
    }
}
 

@Override
public void doPost(final HttpServletRequest req, final HttpServletResponse resp)
    throws IOException {

  resp.setContentType("text/plain");
  PrintWriter out = resp.getWriter();

  final String scope = "https://www.googleapis.com/auth/userinfo.email";
  OAuthService oauth = OAuthServiceFactory.getOAuthService();
  User user = null;
  try {
    user = oauth.getCurrentUser(scope);
  } catch (OAuthRequestException e) {
    getServletContext().log("Oauth error", e);
    out.print("auth error");
    return;
  }

  out.print("Hello world, welcome to Oauth2: " + user.getEmail());
}
 

/**
 * Check if the user Id has, at least, one registered device
 *
 */
@ApiMethod(name = "checkRegistration")
public RegisteredResponse checkRegistration(User user) throws OAuthRequestException {
    if(user == null){
        throw new OAuthRequestException("Not authorized");
    }
    RegisteredResponse result = new RegisteredResponse();
    final String userId = PresenterRecord.getUserId(user.getEmail());
    log.info("Checking for registration. userId: " + userId);
    PresenterRecord record = ofy().load().
            key(Key.create(PresenterRecord.class, userId)).now();
    if(record != null){
        result.setRegistered(true);
    }
    return result;
}
 

/**
 *
 * @param versionNumber Version number for which message should be retrieved
 */
@ApiMethod(name = "getMessageForVersion")
public VersionMessage getMessageForVersion(@Named("versionNumber")int versionNumber, User user)
        throws IOException, OAuthRequestException {
    if(user == null){
        throw new OAuthRequestException("Not authorized");
    }
    final String userId = PresenterRecord.getUserId(user.getEmail());
    if(log.isLoggable(Level.FINE)) {
        log.fine("Get message version for userId " +
                userId + ". Version number: " + versionNumber);
    }
    VersionMessage message = new VersionMessage(
            VersionMessage.ACTION_NOTHING, "", "");
    return message;
}
 

@Override
public Skill getUserSkill(String techId, TechGalleryUser user) throws BadRequestException,
    OAuthRequestException, NotFoundException, InternalServerErrorException {
  // User can't be null
  if (user == null) {
    throw new OAuthRequestException(i18n.t("Null user reference!"));
  }

  // Technology can't be null
  final Technology technology = techService.getTechnologyById(techId, null);
  if (technology == null) {
    throw new NotFoundException(i18n.t("Technology do not exists!"));
  }
  final Skill userSkill = skillDao.findByUserAndTechnology(user, technology);
  if (userSkill == null) {
    return null;
  } else {
    return userSkill;
  }
}
 

@Override
public Response getLinksByTech(String techId, User user) throws InternalServerErrorException,
    BadRequestException, NotFoundException, OAuthRequestException {

  final Technology technology = techService.getTechnologyById(techId, user);

  validateUser(user);
  validateTechnology(technology);

  final List<TechnologyLink> linksByTech =
      technologyLinkDao.findAllByTechnology(technology);
  final TechnologyLinksTO response = new TechnologyLinksTO();
  response.setLinks(linksByTech);

  return response;
}
 

@Override
public Response getCommentsByTech(String techId, User user) throws InternalServerErrorException,
    BadRequestException, NotFoundException, OAuthRequestException {

  final Technology technology = techService.getTechnologyById(techId, user);

  validateUser(user);
  validateTechnology(technology);

  final List<TechnologyComment> commentsByTech =
      technologyCommentDao.findAllActivesByTechnology(technology);
  final TechnologyCommentsTO response = new TechnologyCommentsTO();
  response.setComments(commentsByTech);
  /*
   * for (TechnologyComment comment : response.getComments()) { setCommentRecommendation(comment);
   * }
   */
  return response;
}
 

private List<EndorsementsGroupedByEndorsedTransient> transformGroupedUserMapIntoList(
    Map<TechGalleryUser, List<TechGalleryUser>> mapUsersGrouped, String techId)
        throws BadRequestException, NotFoundException, InternalServerErrorException,
        OAuthRequestException {
  final List<EndorsementsGroupedByEndorsedTransient> groupedList =
      new ArrayList<EndorsementsGroupedByEndorsedTransient>();

  for (final Map.Entry<TechGalleryUser, List<TechGalleryUser>> entry : mapUsersGrouped
      .entrySet()) {
    final EndorsementsGroupedByEndorsedTransient grouped =
        new EndorsementsGroupedByEndorsedTransient();
    grouped.setEndorsed(entry.getKey());
    final Skill response = skillService.getUserSkill(techId, entry.getKey());
    if (response != null) {
      grouped.setEndorsedSkill(response.getValue());
    } else {
      grouped.setEndorsedSkill(0);
    }
    grouped.setEndorsers(entry.getValue());
    groupedList.add(grouped);
  }
  return groupedList;
}
 

@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException,
        IOException {
    try {
        cleanUp();
    } catch (OAuthRequestException e) {
        throw new ServletException("Could not perform cleanup", e);
    }
}
 

@Override
public String[] getAuthorizedScopes(String... scopes) throws OAuthRequestException {
  if (!isOAuthEnabled) {
    throw new OAuthRequestException("invalid OAuth request");
  }
  return authorizedScopes.toArray(new String[0]);
}
 

@Override
public String getClientId(String scope) throws OAuthRequestException {
  if (!isOAuthEnabled) {
    throw new OAuthRequestException("invalid OAuth request");
  }
  return clientId;
}
 

/**
 *
 */
private void cleanUp() throws IOException, OAuthRequestException {

    List<PresenterRecord> oldRecords = ofy().load().
            type(PresenterRecord.class).filter(
            "lastUpdate <", new Date(System.currentTimeMillis() - EXPIRY_MILLISECONDS)).list();
    log.info("Found " + oldRecords.size() + " old entries.");
    ofy().delete().entities(oldRecords).now();
}
 

@Override
public TechGalleryUser saveUserPreference(Boolean postGooglePlusPreference, User user)
    throws NotFoundException, BadRequestException, InternalServerErrorException, IOException, OAuthRequestException {

  validateUser(user);

  TechGalleryUser techUser = userDao.findByEmail(user.getEmail());
  if (postGooglePlusPreference != null) {
    techUser.setPostGooglePlusPreference(postGooglePlusPreference);
    userDao.update(techUser);
  }
  return techUser;
}
 

@Test
public void testGetOAuth2UserAppEngineProdClientIdNotAllowed() throws Exception {
  when(config.getScopeExpression()).thenReturn(AuthScopeExpressions.interpret(SCOPES));
  when(oauthService.getAuthorizedScopes(SCOPES)).thenReturn(SCOPES);
  when(oauthService.getClientId(SCOPES)).thenThrow(new OAuthRequestException("any"))
      .thenReturn(null).thenReturn(CLIENT_ID);
  when(config.getClientIds()).thenReturn(ImmutableList.of("clientId2"));
  for (int i = 0; i < 3; i++) {
    assertNull(authenticator.getOAuth2User(request, config));
  }
}
 

/**
 * This method should be executed whenever a user logs in It check whether the
 * user exists on TG's datastore and create them, if not. It also checks if
 * the user's email has been changed and update it, in case it was changed.
 *
 * @param user
 *          A Google AppEngine API user
 * @return A response with the user data as it is on TG datastore
 *
 * @throws InternalServerErrorException
 *           in case something goes wrong
 * @throws NotFoundException
 *           in case the information are not founded
 * @throws BadRequestException
 *           in case a request with problem were made.
 * @throws OAuthRequestException
 *           in case of authentication problem
 * @throws IOException
 *           in case of a IO exception
 */
@Override
public TechGalleryUser handleLogin(Integer timezoneOffset, final User user, HttpServletRequest req)
    throws NotFoundException, BadRequestException, InternalServerErrorException, IOException,
    OAuthRequestException {
  authorize(user);
  String userEmail = user.getEmail();
  String header = req.getHeader("Authorization");
  String accesstoken = header.substring(header.indexOf(' ')).trim(); // "Bearer
                                                                     // ".length

  GoogleCredential credential = new GoogleCredential().setAccessToken(accesstoken);
  Plus plus = new Plus.Builder(new NetHttpTransport(), new JacksonFactory(), credential)
      .setApplicationName(i18n.t("Tech Gallery")).build();
  Person person = plus.people().get("me").execute();
  TechGalleryUser tgUser = userDao.findByGoogleId(user.getUserId());
  // Couldn't find by googleID. Try email
  if (tgUser == null) {
    tgUser = userDao.findByEmail(userEmail);
  }
  // Ok, we couldn't find it. Create it.
  if (tgUser == null) {
    tgUser = new TechGalleryUser();
  }
  updateUserInformation(user, person, tgUser);
  tgUser.setTimezoneOffset(timezoneOffset);
  addUser(tgUser);
  log.info("User " + tgUser.getName() + " added/updated");
  return tgUser;
}
 

@Override
public Technology deleteTechnology(String technologyId, User user)
        throws InternalServerErrorException, BadRequestException, NotFoundException, OAuthRequestException {
    validateUser(user);
    Technology technology = technologyDAO.findById(technologyId);
    if (technology == null) {
        throw new NotFoundException(ValidationMessageEnums.NO_TECHNOLOGY_WAS_FOUND.message());
    }
    technology.setActive(Boolean.FALSE);
    technology.setLastActivity(new Date());
    technology.setLastActivityUser(user.getEmail());
    technologyDAO.update(technology);
    return technology;
}
 

@ApiMethod(name = "removeSecurityKey")
public String[] removeSecurityKey(User user, @Named("publicKey") String publicKey)
    throws OAuthRequestException {
  if (user == null) {
    throw new OAuthRequestException("User is not authenticated");
  }

  Credential.remove(user.getEmail(), publicKey);
  return new String[] {"OK"};
}
 

@Override
public Skill getUserSkill(String techId, User user) throws BadRequestException,
    OAuthRequestException, NotFoundException, InternalServerErrorException {
  // user google id
  String googleId;
  // user from techgallery datastore
  TechGalleryUser tgUser;
  // User from endpoint can't be null
  if (user == null) {
    throw new OAuthRequestException(i18n.t("OAuth error, null user reference!"));
  } else {
    googleId = user.getUserId();
  }

  // TechGalleryUser can't be null and must exists on datastore
  if (googleId == null || googleId.equals("")) {
    throw new BadRequestException(i18n.t("Current user was not found!"));
  } else {
    // get the TechGalleryUser from datastore or PEOPLE API
    tgUser = userService.getUserByGoogleId(googleId);
    if (tgUser == null) {
      throw new BadRequestException(i18n.t("Endorser user do not exists on datastore!"));
    }
  }

  // Technology can't be null
  final Technology technology = techService.getTechnologyById(techId, user);
  if (technology == null) {
    throw new BadRequestException(i18n.t("Technology do not exists!"));
  }
  final Skill userSkill = skillDao.findByUserAndTechnology(tgUser, technology);
  if (userSkill == null) {
    throw new NotFoundException(i18n.t("User skill do not exist!"));
  } else {
    return userSkill;
  }
}
 

@Override
public TechnologyLink deleteLink(Long linkId, User user)
    throws InternalServerErrorException, BadRequestException, NotFoundException,
    OAuthRequestException {

  validateDeletion(linkId, user);

  final TechnologyLink link = technologyLinkDao.findById(linkId);
  technologyLinkDao.delete(link);

  // TODO: Atualiza contador de links na tecnologia quando tivermos
  // techService.removeLinksCounter(link.getTechnology().get());

  return link;
}
 

@ApiMethod(name = "getAllSecurityKeys", path = "getAllSecurityKeys")
  public String[] getAllSecurityKeys(User user) throws OAuthRequestException {
    if (user == null) {
      throw new OAuthRequestException("User is not authenticated");
    }

    List<Credential> savedCreds = Credential.load(user.getEmail());
    JsonArray result = new JsonArray();

    for (Credential c : savedCreds) {
      JsonObject cJson = new JsonObject();
      cJson.addProperty("handle", BaseEncoding.base64Url().encode(c.getCredential().rawId));
      // TODO
/*
      try {
        cJson.addProperty("publicKey", Integer.toHexString(
            Crypto.decodePublicKey(ecc.getX(), ecc.getY()).hashCode()));
      } catch (WebAuthnException e) {
        e.printStackTrace();
        continue;
      }
*/
      AttestationObject attObj =
          ((AuthenticatorAttestationResponse) c.getCredential().getResponse())
              .getAttestationObject();
      if (attObj.getAttestationStatement() instanceof FidoU2fAttestationStatement) {
        cJson.addProperty("name", "FIDO U2F Authenticator");
      } else if (attObj.getAttestationStatement() instanceof AndroidSafetyNetAttestationStatement) {
        cJson.addProperty("name", "Android SafetyNet");
      }
      cJson.addProperty("date", c.getDate().toString());
      cJson.addProperty("id", c.id);
      result.add(cJson);
    }

    return new String[] {result.toString()};
  }
 

@Override
public Project getProject(Long projId, TechGalleryUser user) throws BadRequestException,
        OAuthRequestException, NotFoundException, InternalServerErrorException {
    // User can't be null
    if (user == null) {
        throw new OAuthRequestException(i18n.t("Null user reference!"));
    }

    final Project project = projectDao.findById(projId);
    if (project == null) {
        throw new NotFoundException(i18n.t("User skill does not exist!"));
    } else {
        return project;
    }
}
 

@Override
public Project getProject(Long projId, User user) throws BadRequestException,
        OAuthRequestException, NotFoundException, InternalServerErrorException {
    // user google id
    String googleId;
    // user from techgallery datastore
    TechGalleryUser tgUser;
    // User from endpoint can't be null
    if (user == null) {
        throw new OAuthRequestException(i18n.t("OAuth error, null user reference!"));
    } else {
        googleId = user.getUserId();
    }

    // TechGalleryUser can't be null and must exists on datastore
    if (googleId == null || googleId.equals("")) {
        throw new BadRequestException(i18n.t("Current user was not found!"));
    } else {
        // get the TechGalleryUser from datastore or PEOPLE API
        tgUser = userService.getUserByGoogleId(googleId);
        if (tgUser == null) {
            throw new BadRequestException(i18n.t("Endorser user do not exists on datastore!"));
        }
    }

    final Project project = projectDao.findById(projId);
    if (project == null) {
        throw new NotFoundException(i18n.t("User skill does not exist!"));
    } else {
        return project;
    }
}
 

@ApiMethod(name = "processSignResponse")
public List<String> processSignResponse(
    @Named("responseData") String responseData, User user)
    throws OAuthRequestException, ResponseException, ServletException {
  if (user == null) {
    throw new OAuthRequestException("User is not authenticated");
  }

  Gson gson = new Gson();
  JsonElement element = gson.fromJson(responseData, JsonElement.class);
  JsonObject object = element.getAsJsonObject();
  String clientDataJSON = object.get("clientDataJSON").getAsString();
  String authenticatorData = object.get("authenticatorData").getAsString();
  String credentialId = object.get("credentialId").getAsString();
  String signature = object.get("signature").getAsString();

  AuthenticatorAssertionResponse assertion =
      new AuthenticatorAssertionResponse(clientDataJSON, authenticatorData, signature);
  // TODO
  String type = null;
  String session = null;

  PublicKeyCredential cred = new PublicKeyCredential(credentialId, type,
      BaseEncoding.base64Url().decode(credentialId), assertion);

  Credential savedCredential;
  try {
    savedCredential = Server.validateAndFindCredential(cred, user.getEmail(), session);
  } catch (ResponseException e) {
    throw new ServletException("Unable to validate assertion", e);
  }

  Server.verifyAssertion(cred, user.getEmail(), session, savedCredential);

  List<String> resultList = new ArrayList<String>();
  resultList.add(savedCredential.toJson());
  return resultList;
}
 

@Override
public TechnologyComment deleteComment(Long commentId, User user)
    throws InternalServerErrorException, BadRequestException, NotFoundException,
    OAuthRequestException {

  validateDeletion(commentId, user);

  final TechnologyComment comment = technologyCommentDao.findById(commentId);
  comment.setActive(false);
  technologyCommentDao.update(comment);
  techService.removeCommentariesCounter(comment.getTechnology().get());

  UserProfileServiceImpl.getInstance().handleCommentChanges(comment);
  return comment;
}
 

@Override
public void deleteCommentAndRecommendationById(Long recommendationId, Long commentId, User user)
    throws InternalServerErrorException, BadRequestException, NotFoundException,
    OAuthRequestException {
  comService.deleteComment(commentId, user);
  recService.deleteRecommendById(recommendationId, user);
}
 

@ApiMethod(name = "saveUserPreference", path = "users/savePreference", httpMethod = "post")
public TechGalleryUser saveUserPreference(
        @Named("postGooglePlusPreference") Boolean postGooglePlusPreference, User user)
        throws NotFoundException, BadRequestException, InternalServerErrorException, IOException,
        OAuthRequestException {
    return service.saveUserPreference(postGooglePlusPreference, user);
}