2018-06-27 12:29:21 +02:00
|
|
|
package eu.eudat.logic.security.validators.google;
|
2017-09-27 18:15:39 +02:00
|
|
|
|
2018-02-16 11:34:02 +01:00
|
|
|
import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken;
|
|
|
|
|
import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken.Payload;
|
|
|
|
|
import com.google.api.client.googleapis.auth.oauth2.GoogleIdTokenVerifier;
|
|
|
|
|
import com.google.api.client.http.HttpTransport;
|
|
|
|
|
import com.google.api.client.http.javanet.NetHttpTransport;
|
2022-01-14 17:17:32 +01:00
|
|
|
import com.google.api.client.json.gson.GsonFactory;
|
2018-06-27 12:29:21 +02:00
|
|
|
import eu.eudat.logic.security.validators.TokenValidator;
|
|
|
|
|
import eu.eudat.logic.security.validators.TokenValidatorFactoryImpl;
|
2019-07-12 15:58:17 +02:00
|
|
|
import eu.eudat.logic.services.operations.authentication.AuthenticationService;
|
|
|
|
|
import eu.eudat.models.data.login.LoginInfo;
|
|
|
|
|
import eu.eudat.models.data.loginprovider.LoginProviderUser;
|
2017-10-20 12:03:55 +02:00
|
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
2018-01-10 17:05:23 +01:00
|
|
|
import org.springframework.core.env.Environment;
|
2017-12-15 00:01:26 +01:00
|
|
|
import org.springframework.stereotype.Component;
|
2017-12-18 16:55:12 +01:00
|
|
|
|
2018-02-16 11:34:02 +01:00
|
|
|
import java.io.IOException;
|
|
|
|
|
import java.security.GeneralSecurityException;
|
|
|
|
|
import java.util.Collections;
|
|
|
|
|
|
2018-01-09 12:31:01 +01:00
|
|
|
@Component("googleTokenValidator")
|
2017-10-13 17:08:49 +02:00
|
|
|
public class GoogleTokenValidator implements TokenValidator {
|
2017-09-27 18:15:39 +02:00
|
|
|
|
2019-07-12 15:58:17 +02:00
|
|
|
private static final HttpTransport transport = new NetHttpTransport();
|
|
|
|
|
private AuthenticationService nonVerifiedUserAuthenticationService;
|
|
|
|
|
private GoogleIdTokenVerifier verifier;
|
|
|
|
|
|
|
|
|
|
@Autowired
|
2019-11-11 11:34:28 +01:00
|
|
|
public GoogleTokenValidator(Environment environment, AuthenticationService nonVerifiedUserAuthenticationService) {
|
2019-07-12 15:58:17 +02:00
|
|
|
this.nonVerifiedUserAuthenticationService = nonVerifiedUserAuthenticationService;
|
2022-01-14 17:17:32 +01:00
|
|
|
verifier = new GoogleIdTokenVerifier.Builder(transport, new GsonFactory())
|
2019-11-11 11:34:28 +01:00
|
|
|
.setAudience(Collections.singletonList(environment.getProperty("google.login.clientId")))
|
2019-07-12 15:58:17 +02:00
|
|
|
.build();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private GoogleIdToken verifyUserAndGetUser(String idTokenString) throws IOException, GeneralSecurityException {
|
2019-11-11 11:34:28 +01:00
|
|
|
return verifier.verify(idTokenString);
|
2019-07-12 15:58:17 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
|
public eu.eudat.models.data.security.Principal validateToken(LoginInfo credentials) throws IOException, GeneralSecurityException {
|
|
|
|
|
GoogleIdToken idToken = this.verifyUserAndGetUser(credentials.getTicket());
|
|
|
|
|
Payload payload = idToken.getPayload();
|
|
|
|
|
LoginProviderUser user = new LoginProviderUser();
|
|
|
|
|
user.setAvatarUrl((String) payload.get("picture"));
|
|
|
|
|
user.setSecret(credentials.getTicket());
|
|
|
|
|
user.setId(payload.getSubject());
|
|
|
|
|
user.setProvider(TokenValidatorFactoryImpl.LoginProvider.GOOGLE);
|
|
|
|
|
user.setName((String) payload.get("name"));
|
|
|
|
|
user.setEmail(payload.getEmail());
|
|
|
|
|
user.setIsVerified(payload.getEmailVerified());
|
|
|
|
|
return this.nonVerifiedUserAuthenticationService.Touch(user);
|
|
|
|
|
}
|
2017-09-27 18:15:39 +02:00
|
|
|
}
|
