Package com.almende.eve.auth.google

Source Code of com.almende.eve.auth.google.AuthServlet

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
/**
* AuthServlet for Google OAuth 2.0
*
* Jos de Jong, 2013-02-15
*
* Used libraries:
*     jackson-annotations-2.0.0.jar
*     jackson-core-2.0.0.jar
*     jackson-databind-2.0.0.jar
*
* Documentation:
*     https://developers.google.com/accounts/docs/OAuth2WebServer
*/
package com.almende.eve.auth.google;

import java.io.IOException;
import java.io.InputStream;
import java.io.PrintWriter;
import java.net.URLEncoder;
import java.util.HashMap;
import java.util.Map;
import java.util.logging.Logger;

import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.almende.eve.config.Config;
import com.almende.eve.rpc.jsonrpc.JSONRequest;
import com.almende.eve.rpc.jsonrpc.jackson.JOM;
import com.almende.util.HttpUtil;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.node.ObjectNode;


@SuppressWarnings("serial")
public class AuthServlet extends HttpServlet {
  private Logger logger = Logger.getLogger(this.getClass().getSimpleName());
 
  // Specify the correct client id and secret for web applications
  // Create them at the Google API console: https://code.google.com/apis/console/
  private String CLIENT_ID = null;
  private String CLIENT_SECRET = null;
  String REDIRECT_URI = null;
 
  // hard coded uri's
  private String AGENTS_METHOD = "setAuthorization";
  private String OAUTH_URI  = "https://accounts.google.com/o/oauth2";
  private String CONFIG_FILENAME = "/WEB-INF/eve.yaml";
  private String SPACE = " ";
  private String SCOPE =
    "https://www.googleapis.com/auth/userinfo.email" + SPACE +
    "https://www.googleapis.com/auth/userinfo.profile" + SPACE +
    "https://www.googleapis.com/auth/calendar" + SPACE +
    "https://www.googleapis.com/auth/tasks";

  private ObjectMapper mapper = new ObjectMapper();

  @Override
  public void init() {
    try {
      // load configuration
      InputStream is = getServletContext().getResourceAsStream(CONFIG_FILENAME);
      Config config = new Config(is);

      CLIENT_ID = config.get("google", "client_id");
      if (CLIENT_ID == null) {
        throw new Exception("Parameter 'google.client_id' missing in config");
      }
     
      CLIENT_SECRET = config.get("google", "client_secret");
      if (CLIENT_SECRET == null) {
        throw new Exception("Parameter 'google.client_secret' missing in config");
      }

      REDIRECT_URI = config.get("google_auth_servlet_url");
     
      // TODO: cleanup deprecated parameter some day (deprecated since 2013-02-15)
      if (REDIRECT_URI == null) {
        REDIRECT_URI = config.get("auth_google_servlet_url");
        if (REDIRECT_URI != null) {
          logger.warning("Parameter 'auth_google_servlet_url' is deprecated. " +
              "Use 'google_auth_servlet_url' instead.");
        }
      }

      if (REDIRECT_URI == null) {
        String path = "auth_google_servlet_url";
        Exception e = new Exception("Config parameter '" + path + "' is missing");
        e.printStackTrace();
      }     
    } catch (Exception e) {
      e.printStackTrace();
    }   
  }
 
  @Override
  public void doGet(HttpServletRequest req, HttpServletResponse resp)
      throws IOException {
    // read parameters code and access_token from query parameters or cookies
    String code = req.getParameter("code");
    String state = req.getParameter("state");
    String error = req.getParameter("error");
    String agentUrl = req.getParameter("agentUrl");
    String agentMethod = req.getParameter("agentMethod");
    String applicationCallback = req.getParameter("applicationCallback");

    PrintWriter out = resp.getWriter();
    resp.setContentType("text/html");

    // print error if any
    if (error != null) {
      printPageStart(out);
      printError(out, error);   
      printPageEnd(out);
      return;
    }
   
    // directly redirect to Google authorization page if an agents URL is provided
    if (agentUrl != null && agentMethod != null) {
      redirectToGoogleAuthorization(resp, agentUrl, agentMethod, applicationCallback);
      return;
    }

    // First step: show a form to authenticate
    if (code == null && state == null) {
      printPageStart(out);
      printAuthorizeForm(out);
      printPageEnd(out);
      return;
    }

    // Second step: exchange code with authentication token
    // After having authorized at google, the user is send back to this
    // servlet, with the url containing a code and status
    if (code != null && state != null){
      ObjectNode auth = exchangeCodeForAuthorization(code);

      // TODO: remove logging
      //System.out.println("Authorization code exchanged for access token: " + mapper.writeValueAsString(auth));
     
      if (auth.has("error")) {
        printPageStart(out);
        printError(out, mapper.writeValueAsString(auth.get("error")));
        printPageEnd(out);             
        return;
      }
      ObjectNode stateJson = mapper.readValue(state, ObjectNode.class);
      String statusAgentUrl = stateJson.has("agentUrl") ? stateJson.get("agentUrl").asText() : null;
      String statusAgentMethod = stateJson.has("agentMethod") ? stateJson.get("agentMethod").asText() : null;
      String statusApplicationCallback = stateJson.has("applicationCallback") ? stateJson.get("applicationCallback").asText() : null;

      // send the retrieved authorization to the agent
      sendAuthorizationToAgent(statusAgentUrl, statusAgentMethod, auth);

      if (statusApplicationCallback != null) {
        resp.sendRedirect(statusApplicationCallback);
        return;
      }
      else {
        printPageStart(out);
        printSuccess(out, statusAgentUrl);
        printPageEnd(out);
        return;
      }
    }   
  }
 
  private String createAuthorizationUrl() throws IOException {
    Map<String, String> params = new HashMap<String, String>();
    params.put("scope", SCOPE);
    params.put("redirect_uri", REDIRECT_URI);
    params.put("response_type", "code");
    params.put("access_type", "offline");
    params.put("client_id", CLIENT_ID);
    params.put("approval_prompt", "force");
    String url = HttpUtil.appendQueryParams(OAUTH_URI + "/auth", params);
   
    return url;
  }
 
  private void redirectToGoogleAuthorization(HttpServletResponse resp,
      String agentUrl, String agentMethod, String applicationCallback) throws IOException {
    String url = createAuthorizationUrl();
    ObjectNode st = JOM.createObjectNode();
    st.put("agentUrl", agentUrl);
    st.put("agentMethod", agentMethod);
    if (applicationCallback != null) {
      st.put("applicationCallback", applicationCallback);
    }

    url += "&state=" +
      URLEncoder.encode(JOM.getInstance().writeValueAsString(st), "UTF-8");
    resp.sendRedirect(url);   
  }

  private ObjectNode exchangeCodeForAuthorization(String code) throws IOException {
    Map<String, String> params = new HashMap<String, String>();
    params.put("code", code);
    params.put("client_id", CLIENT_ID);
    params.put("client_secret", CLIENT_SECRET);
    params.put("redirect_uri", REDIRECT_URI);
    params.put("grant_type", "authorization_code");
    String res = HttpUtil.postForm(OAUTH_URI + "/token", params);

    ObjectNode json = mapper.readValue(res, ObjectNode.class);
    return json;
  }
 
  private void sendAuthorizationToAgent(String agentUrl, String agentMethod,
      ObjectNode auth) throws IOException {
    JSONRequest rpcRequest = new JSONRequest(agentMethod, auth);
    HttpUtil.post(agentUrl, rpcRequest.toString());
  }
 
  private void printPageStart(PrintWriter out) {
    out.print("<html>" +
        "<head>" +
        "<title>Authorize Eve agents</title>" +
        "<style>" +
        "body {width: 700px;}" +
        "body, th, td, input {font-family: arial; font-size: 10pt; color: #4d4d4d;}" +
        "th {text-align: left;}" +
        "input[type=text] {border: 1px solid lightgray;}" +
        ".error {color: red;}" +
        "</style>" +
        "</head>" +
        "<body>" +
        "<h1>Authorize Eve agents</h1>" +
        "<p>" +
        "On this page, you can grant an Eve agent access to your data, " +
        "for example access to your calendar." +
        "</p>");   
  }
 
  private void printPageEnd(PrintWriter out) {
    out.print(
      "</body>" +
      "</html>"     
    );
  }
 
  private void printAuthorizeForm(PrintWriter out) throws IOException {
    String url = createAuthorizationUrl();
    out.print("<script type='text/javascript'>" +
      "function auth() {" +
      "  var state={" +
      "    \"agentUrl\": document.getElementById('agentUrl').value," +
      "    \"agentMethod\": document.getElementById('agentMethod').value" +
      "  };" +
      "  var url='" + url + "'+ '&state=' + encodeURI(JSON.stringify(state));" +
      "  window.location.href=url;" +
      "}" +
      "</script>" +
      "<table>" +
      "<tr><td>Agent url</td><td><input type='text' id='agentUrl' value=''" +
        " style='width: 400px;'/></td></tr>" +
        "<tr><td>Agent method</td><td><input type='text' id='agentMethod' value='" +
        AGENTS_METHOD + "' style='width: 400px;'/></td></tr>" +
      "<tr><td><button onclick='auth();'>Authorize</button></td></tr>" +
      "</table>" +
      "<script type='text/javascript'>" +
      "  document.getElementById('agentUrl').value = document.location.origin + '/agents/agentid/';" +
      "</script>"
    );   
  }
 
  private void printSuccess(PrintWriter out, String agentUrl) {
    out.print("<p>Agent is succesfully authorized.</p>");
    out.print("<p><a href=\"" + agentUrl + "\">" + agentUrl + "</a></p>");
    out.print("<button onclick='window.location.href=\"" +
          REDIRECT_URI + "\";'>Ok</button>");
  }
 
  private void printError(PrintWriter out, String error) {
    out.print("<p>An error occurred</p>");       
    out.print("<pre class='error'>" + error + "</pre>");       
    out.print("<button onclick='window.location.href=\"" +
          REDIRECT_URI + "\";'>Ok</button>");     
  }
}
TOP

Related Classes of com.almende.eve.auth.google.AuthServlet

  • com.almende.eve.config.Config
  • com.almende.eve.rpc.jsonrpc.JSONRequest
  • com.fasterxml.jackson.databind.node.ObjectNode
  • java.io.InputStream
  • java.io.PrintWriter
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.