com.google.api.client.auth.oauth2.AuthorizationCodeFlow Java Examples

@Override
protected AuthorizationCodeFlow initializeFlow() throws IOException {
	return new AuthorizationCodeFlow.Builder(BearerToken.authorizationHeaderAccessMethod(),
			new NetHttpTransport(),
			new JacksonFactory(),
			// token server URL:
			// new GenericUrl("https://server.example.com/token"),
			new GenericUrl("https://accounts.google.com/o/oauth2/auth"),
			new BasicAuthentication("458072371664.apps.googleusercontent.com",
					"mBp75wknGsGu0WMzHaHhqfXT"),
			"458072371664.apps.googleusercontent.com",
			// authorization server URL:
			"https://accounts.google.com/o/oauth2/auth").
			// setCredentialStore(new JdoCredentialStore(JDOHelper.getPersistenceManagerFactory("transactions-optional")))
			setCredentialStore(new MemoryCredentialStore()).setScopes("https://mail.google.com/")
			// setCredentialStore(new MyCredentialStore())
			.build();
}
 

@Override
protected AuthorizationCodeFlow initializeFlow() throws IOException {
	return new AuthorizationCodeFlow.Builder(BearerToken.authorizationHeaderAccessMethod(),
			new NetHttpTransport(),
			new JacksonFactory(),
			// token server URL:
			// new GenericUrl("https://server.example.com/token"),
			new GenericUrl("https://accounts.google.com/o/oauth2/auth"),
			new BasicAuthentication("458072371664.apps.googleusercontent.com",
					"mBp75wknGsGu0WMzHaHhqfXT"),
			"458072371664.apps.googleusercontent.com",
			// authorization server URL:
			"https://accounts.google.com/o/oauth2/auth").
			// setCredentialStore(new JdoCredentialStore(JDOHelper.getPersistenceManagerFactory("transactions-optional")))
			setCredentialStore(new MemoryCredentialStore()).setScopes("https://mail.google.com/")
			// setCredentialStore(new MyCredentialStore())
			.build();
}
 

/** Authorizes the installed application to access user's protected data. */
private static Credential authorize() throws Exception {
  OAuth2ClientCredentials.errorIfNotSpecified();
  // set up authorization code flow
  AuthorizationCodeFlow flow = new AuthorizationCodeFlow.Builder(BearerToken
      .authorizationHeaderAccessMethod(),
      HTTP_TRANSPORT,
      JSON_FACTORY,
      new GenericUrl(TOKEN_SERVER_URL),
      new ClientParametersAuthentication(
          OAuth2ClientCredentials.API_KEY, OAuth2ClientCredentials.API_SECRET),
      OAuth2ClientCredentials.API_KEY,
      AUTHORIZATION_SERVER_URL).setScopes(Arrays.asList(SCOPE))
      .setDataStoreFactory(DATA_STORE_FACTORY).build();
  // authorize
  LocalServerReceiver receiver = new LocalServerReceiver.Builder().setHost(
      OAuth2ClientCredentials.DOMAIN).setPort(OAuth2ClientCredentials.PORT).build();
  return new AuthorizationCodeInstalledApp(flow, receiver).authorize("user");
}
 

/** Authorizes the installed application to access user's protected data. */
private static Credential authorize() throws Exception {
    // set up authorization code flow
    String clientId = "pkce-test-client";
    AuthorizationCodeFlow flow = new AuthorizationCodeFlow.Builder(
            BearerToken.authorizationHeaderAccessMethod(),
            HTTP_TRANSPORT,
            JSON_FACTORY,
            new GenericUrl(TOKEN_SERVER_URL),
            new ClientParametersAuthentication(clientId, null),
            clientId,
            AUTHORIZATION_SERVER_URL)
            .setScopes(Arrays.asList(SCOPE))
            .enablePKCE()
            .setDataStoreFactory(DATA_STORE_FACTORY).build();
    // authorize
    LocalServerReceiver receiver = new LocalServerReceiver.Builder().setHost("127.0.0.1").build();
    return new AuthorizationCodeInstalledApp(flow, receiver).authorize("user");
}
 

protected String retrieveAccessToken(String accessTokenUrl, String authorizationUrl, String clientId,
									 String clientSecret, List<String> scopes, String user) throws IOException {
	JsonFactory jsonFactory = new JacksonFactory();
	HttpTransport httpTransport = new NetHttpTransport();
	AuthorizationCodeFlow flow = new AuthorizationCodeFlow.Builder(BearerToken.authorizationHeaderAccessMethod(),
			httpTransport, jsonFactory, new GenericUrl(accessTokenUrl),
			new ClientParametersAuthentication(clientId, clientSecret), clientId, authorizationUrl)
			.setScopes(scopes).build();
	LocalServerReceiver receiver = new LocalServerReceiver.Builder().setHost(receiverHost).setPort(receiverPort)
			.build();
	return new AuthorizationCodeInstalledApp(flow, receiver).authorize(user).getAccessToken();
}
 

/**
 * This method should be invoked by child class for initialization default instance of {@link
 * AuthorizationCodeFlow} that will be used for authorization
 */
protected void configure(
    String clientId,
    String clientSecret,
    String[] redirectUris,
    String authUri,
    String tokenUri,
    MemoryDataStoreFactory dataStoreFactory,
    List<String> scopes)
    throws IOException {
  final AuthorizationCodeFlow authorizationFlow =
      new AuthorizationCodeFlow.Builder(
              BearerToken.authorizationHeaderAccessMethod(),
              new NetHttpTransport(),
              new JacksonFactory(),
              new GenericUrl(tokenUri),
              new ClientParametersAuthentication(clientId, clientSecret),
              clientId,
              authUri)
          .setDataStoreFactory(dataStoreFactory)
          .setScopes(scopes)
          .build();

  LOG.debug(
      "clientId={}, clientSecret={}, redirectUris={} , authUri={}, tokenUri={}, dataStoreFactory={}",
      clientId,
      clientSecret,
      redirectUris,
      authUri,
      tokenUri,
      dataStoreFactory);

  configure(authorizationFlow, Arrays.asList(redirectUris));
}
 

/**
 * This method should be invoked by child class for setting instance of {@link
 * AuthorizationCodeFlow} that will be used for authorization
 */
protected void configure(AuthorizationCodeFlow flow, List<String> redirectUris) {
  this.flow = flow;
  this.redirectUrisMap = new HashMap<>(redirectUris.size());
  for (String uri : redirectUris) {
    // Redirect URI may be in form urn:ietf:wg:oauth:2.0:oob os use java.net.URI instead of
    // java.net.URL
    this.redirectUrisMap.put(
        Pattern.compile("([a-z0-9\\-]+\\.)?" + URI.create(uri).getHost()), uri);
  }
}
 

/**
 * @param flow authorization code flow
 * @param receiver verification code receiver
 */
public AuthorizationCodeInstalledApp(
    AuthorizationCodeFlow flow, VerificationCodeReceiver receiver, Browser browser) {
  this.flow = Preconditions.checkNotNull(flow);
  this.receiver = Preconditions.checkNotNull(receiver);
  this.browser = browser;
}
 

public CustomAuthorizationCodeInstalledApp( AuthorizationCodeFlow flow, VerificationCodeReceiver receiver ) {
  super( flow, receiver );
}
 

public CustomAuthorizationCodeInstalledApp( AuthorizationCodeFlow flow, VerificationCodeReceiver receiver ) {
  super( flow, receiver );
}
 

/** Returns the authorization code flow. */
public final AuthorizationCodeFlow getFlow() {
  return flow;
}
 

/**
 * @param flow authorization code flow
 * @param receiver verification code receiver
 */
public AuthorizationCodeInstalledApp(
    AuthorizationCodeFlow flow, VerificationCodeReceiver receiver) {
  this(flow, receiver,  new DefaultBrowser());
}
 

public AuthorizationCodeInstalledAppTalend(AuthorizationCodeFlow flow, VerificationCodeReceiver receiver) {
    super(flow, receiver);
}
 

/**
 * Gets the underlying {@link AuthorizationCodeFlow}.
 */
public AuthorizationCodeFlow getAuthorizationCodeFlow() {
    return authorizationCodeFlow;
}
 

/**
 * Sets the authorization code flow.
 */
public Builder setAuthorizationCodeFlow(AuthorizationCodeFlow authorizationCodeFlow) {
    this.authorizationCodeFlow = authorizationCodeFlow;
    return this;
}
 

@Override
protected AuthorizationCodeFlow initializeFlow() throws IOException {
  return Utils.newFlow();
}
 

/**
 * Loads the authorization code flow to be used across all HTTP servlet requests (only called
 * during the first HTTP servlet request with an authorization code).
 */
@Override
protected AuthorizationCodeFlow initializeFlow() throws IOException {
  return Utils.newFlow();
}
 

/**
 * Handles the the securityRealm/commenceLogin resource and sends the user off to the IdP
 * @param from the relative URL to the page that the user has just come from
 * @param referer the HTTP referer header (where to redirect the user back to after login has finished)
 * @return an {@link HttpResponse} object
*/
public HttpResponse doCommenceLogin(@QueryParameter String from, @Header("Referer") final String referer) {
    final String redirectOnFinish = determineRedirectTarget(from, referer);

    final AuthorizationCodeFlow flow = new AuthorizationCodeFlow.Builder(
            BearerToken.queryParameterAccessMethod(),
            httpTransport,
            JSON_FACTORY,
            new GenericUrl(tokenServerUrl),
            new ClientParametersAuthentication(
                    clientId,
                    clientSecret.getPlainText()
            ),
            clientId,
            authorizationServerUrl
    )
        .setScopes(Arrays.asList(scopes))
        .build();

    return new OicSession(flow, from, buildOAuthRedirectUrl()) {
        @Override
        public HttpResponse onSuccess(String authorizationCode) {
            try {
                AuthorizationCodeTokenRequest tokenRequest = flow.newTokenRequest(authorizationCode)
                    .setRedirectUri(buildOAuthRedirectUrl());
                // Supplying scope is not allowed when obtaining an access token with an authorization code.
                tokenRequest.setScopes(Collections.<String>emptyList());

                IdTokenResponse response = IdTokenResponse.execute(tokenRequest);

                this.setIdToken(response.getIdToken());

                IdToken idToken = IdToken.parse(JSON_FACTORY, response.getIdToken());

                Object username;
                GenericJson userInfo = null;
                if (Strings.isNullOrEmpty(userInfoServerUrl)) {
                    username = getField(idToken.getPayload(), userNameField);
                    if(username == null) {
                        return HttpResponses.error(500,"no field '" + userNameField + "' was supplied in the token payload to be used as the username");
                    }
                } else {
                    userInfo = getUserInfo(flow, response.getAccessToken());
                    username = getField(userInfo, userNameField);
                    if(username == null) {
                        return HttpResponses.error(500,"no field '" + userNameField + "' was supplied by the UserInfo payload to be used as the username");
                    }
                }

                if(failedCheckOfTokenField(idToken)) {
                    return HttpResponses.errorWithoutStack(401, "Unauthorized");
                }

                flow.createAndStoreCredential(response, null);

                loginAndSetUserData(username.toString(), idToken, userInfo);

                return new HttpRedirect(redirectOnFinish);

            } catch (IOException e) {
                return HttpResponses.error(500,e);
            }

        }
    }.doCommenceLogin();
}
 

OicSession(AuthorizationCodeFlow flow, String from, String redirectUrl) {
    this.flow = flow;
    this.from = from;
    this.redirectUrl = redirectUrl;
}
 

/**
 * Loads the authorization code flow to be used across all HTTP servlet requests (only called
 * during the first HTTP servlet request).
 */
protected abstract AuthorizationCodeFlow initializeFlow() throws ServletException, IOException;
 

/**
 * Loads the authorization code flow to be used across all HTTP servlet requests (only called
 * during the first HTTP servlet request with an authorization code).
 */
protected abstract AuthorizationCodeFlow initializeFlow() throws ServletException, IOException;