Add idToken verification to /login post path #43
CMenne committed Jun 22, 2018
1 parent 1b1779f commit 6a9d9f0
Showing 1 changed file with 32 additions and 43 deletions.
75 changes: 32 additions & 43 deletions server/src/main/java/server/Server.java
@@ -1,5 +1,6 @@
package server;

import com.google.api.client.json.JsonFactory;
import com.mongodb.MongoClient;
import com.mongodb.client.MongoDatabase;
import server.database.users.UserRequestHandler;
Expand All @@ -17,8 +18,13 @@
import java.io.InputStream;

import java.io.IOException;
import java.util.Collections;

import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken;
import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken.Payload;
import com.google.api.client.googleapis.auth.oauth2.GoogleIdTokenVerifier;
import com.google.api.client.googleapis.auth.oauth2.*;

import com.google.api.client.http.javanet.NetHttpTransport;
import com.google.api.client.json.jackson2.JacksonFactory;

Expand Down Expand Up @@ -105,49 +111,32 @@ public static void main(String[] args) throws IOException {
post("api/login", (req, res) -> {

JSONObject obj = new JSONObject(req.body());
String authCode = obj.getString("code");

try {
// This is where we import the Client Secret File

String CLIENT_SECRET_FILE = "./src/main/java/server/database/server_files/client_secret.json";

GoogleClientSecrets clientSecrets =
GoogleClientSecrets.load(
JacksonFactory.getDefaultInstance(), new FileReader(CLIENT_SECRET_FILE));

GoogleTokenResponse tokenResponse =
new GoogleAuthorizationCodeTokenRequest(
new NetHttpTransport(),
JacksonFactory.getDefaultInstance(),
"https://www.googleapis.com/oauth2/v4/token",
clientSecrets.getDetails().getClientId(),

// Replace clientSecret with the localhost one if testing
clientSecrets.getDetails().getClientSecret(),
authCode,
"http://localhost:9000")

// Specify the same redirect URI that you use with your web
// app. If you don't have a web version of your app, you can
// specify an empty string.
.execute();

GoogleIdToken idToken = tokenResponse.parseIdToken();
GoogleIdToken.Payload payload = idToken.getPayload();
String subjectId = payload.getSubject(); // Use this value as a key to identify a user.
String email = payload.getEmail();
boolean emailVerified = Boolean.valueOf(payload.getEmailVerified());
String name = (String) payload.get("name");
String pictureUrl = (String) payload.get("picture");
String locale = (String) payload.get("locale");
String familyName = (String) payload.get("family_name");
String givenName = (String) payload.get("given_name");

return userController.addNewUser(subjectId, givenName, familyName);

} catch (Exception e) {
System.out.println(e);
String idTokenString = obj.getString("idToken");

String CLIENT_SECRET_FILE = "./src/main/java/server/database/server_files/client_secret.json";

NetHttpTransport transport = new NetHttpTransport();
JsonFactory jsonFactory = new JacksonFactory();

GoogleClientSecrets clientSecrets =
GoogleClientSecrets.load(
JacksonFactory.getDefaultInstance(), new FileReader(CLIENT_SECRET_FILE));

GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier.Builder(transport, jsonFactory)
.setAudience(Collections.singletonList(clientSecrets.getDetails().getClientId()))
.build();





GoogleIdToken idToken = verifier.verify(idTokenString);

if (idToken != null) {
Payload payload = idToken.getPayload();

System.out.println(payload.getSubject());

}

return "";
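Review bot: A token that fails verification is not rejected: when `verifier.verify(idTokenString)` returns null, the handler skips the `if (idToken != null)` block and still reaches `return "";`, so the caller gets the same empty response (and presumably the default success status) as for a valid token. Add an explicit failure branch before the payload is used, e.g. `if (idToken == null) { res.status(401); return ""; }`. The success branch only prints `payload.getSubject()` and no longer appears to call `userController.addNewUser`, so nothing is bound to the verified identity yet. `GoogleClientSecrets` and the verifier are also rebuilt on every request and the `FileReader` is never closed; building the verifier once at startup from the client ID would avoid re-reading the secret file on each login. The +/- markers are lost on this page, so this assumes the `idToken` lines are the new side; the route lambda and `main` continue outside the section.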
