argos/dmp-backend/src/main/java/eu/eudat/security/validators/google/GoogleTokenValidator.java

package eu.eudat.security.validators.google;

import java.io.FileReader;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.Principal;
import java.util.*;
import java.util.stream.Collector;
import java.util.stream.Collectors;

import com.google.api.client.googleapis.auth.oauth2.*;
import eu.eudat.dao.entities.security.CredentialDao;
import eu.eudat.dao.entities.security.UserTokenDao;
import eu.eudat.entities.Credential;
import eu.eudat.entities.UserToken;
import eu.eudat.models.criteria.UserInfoCriteria;
import eu.eudat.models.login.LoginInfo;
import eu.eudat.models.loginprovider.LoginProviderUser;
import eu.eudat.security.validators.TokenValidator;
import eu.eudat.security.validators.TokenValidatorFactoryImpl;
import eu.eudat.services.ApiContext;
import eu.eudat.services.AuthenticationService;
import org.springframework.beans.factory.annotation.Autowired;

import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken.Payload;
import com.google.api.client.http.HttpTransport;
import com.google.api.client.http.javanet.NetHttpTransport;
import com.google.api.client.json.jackson2.JacksonFactory;

import eu.eudat.dao.entities.UserInfoDao;
import eu.eudat.entities.UserInfo;
import eu.eudat.exceptions.NonValidTokenException;
import org.springframework.core.env.Environment;
import org.springframework.stereotype.Component;
import org.springframework.stereotype.Service;

import static com.sun.org.apache.xalan.internal.xsltc.compiler.Constants.REDIRECT_URI;

@Component("googleTokenValidator")
public class GoogleTokenValidator implements TokenValidator {

	private static final HttpTransport transport = new NetHttpTransport();
	private ApiContext apiContext;
	private AuthenticationService authenticationService;
	private GoogleIdTokenVerifier verifier;
	private Environment environment;

	@Autowired
	public GoogleTokenValidator(ApiContext apiContext, Environment environment,AuthenticationService authenticationService){
		this.apiContext = apiContext;
		this.environment = environment;
		this.authenticationService = authenticationService;
		verifier = new GoogleIdTokenVerifier.Builder(transport, JacksonFactory.getDefaultInstance())
				.setAudience(Collections.singletonList(this.environment.getProperty("google.login.clientId")))
				.build();
	}

	private GoogleIdToken verifyUserAndGetUser(String idTokenString) throws IOException, GeneralSecurityException {
		GoogleIdToken idToken = verifier.verify(idTokenString);
		return idToken;
	}

	@Override
	public eu.eudat.models.security.Principal validateToken(LoginInfo credentials) throws NonValidTokenException, IOException, GeneralSecurityException {

		GoogleIdToken idToken = this.verifyUserAndGetUser(credentials.getTicket());
		Payload payload = idToken.getPayload();
		LoginProviderUser user = new LoginProviderUser();
		user.setSecret(credentials.getTicket());
		user.setProvider(TokenValidatorFactoryImpl.LoginProvider.GOOGLE);
		user.setName((String)payload.get("name"));
		user.setEmail(payload.getEmail());
		user.setIsVerified(payload.getEmailVerified());
		return this.authenticationService.Touch(user);
	}

}
no message 2018-01-09 12:31:01 +01:00			`package eu.eudat.security.validators.google;`
Added security over all endpoints. Now need to provide an 'oauth2-token' parameter on each http request. 2017-09-27 18:15:39 +02:00
no message 2017-12-18 16:55:12 +01:00			`import java.io.FileReader;`
Added security over all endpoints. Now need to provide an 'oauth2-token' parameter on each http request. 2017-09-27 18:15:39 +02:00			`import java.io.IOException;`
			`import java.security.GeneralSecurityException;`
no message 2017-12-15 17:57:41 +01:00			`import java.security.Principal;`
			`import java.util.*;`
no message 2017-12-19 17:22:30 +01:00			`import java.util.stream.Collector;`
			`import java.util.stream.Collectors;`
Added security over all endpoints. Now need to provide an 'oauth2-token' parameter on each http request. 2017-09-27 18:15:39 +02:00
no message 2017-12-18 16:55:12 +01:00			`import com.google.api.client.googleapis.auth.oauth2.*;`
no message 2017-12-15 17:57:41 +01:00			`import eu.eudat.dao.entities.security.CredentialDao;`
no message 2017-12-18 16:55:12 +01:00			`import eu.eudat.dao.entities.security.UserTokenDao;`
no message 2017-12-15 17:57:41 +01:00			`import eu.eudat.entities.Credential;`
			`import eu.eudat.entities.UserToken;`
no message 2018-01-05 08:47:52 +01:00			`import eu.eudat.models.criteria.UserInfoCriteria;`
no message 2017-12-18 16:55:12 +01:00			`import eu.eudat.models.login.LoginInfo;`
no message 2018-01-10 17:05:23 +01:00			`import eu.eudat.models.loginprovider.LoginProviderUser;`
no message 2018-01-09 12:31:01 +01:00			`import eu.eudat.security.validators.TokenValidator;`
			`import eu.eudat.security.validators.TokenValidatorFactoryImpl;`
no message 2018-01-10 17:05:23 +01:00			`import eu.eudat.services.ApiContext;`
no message 2017-12-15 17:57:41 +01:00			`import eu.eudat.services.AuthenticationService;`
Finalized security, distinguish between internal and external users, etc 2017-10-20 12:03:55 +02:00			`import org.springframework.beans.factory.annotation.Autowired;`

Added security over all endpoints. Now need to provide an 'oauth2-token' parameter on each http request. 2017-09-27 18:15:39 +02:00			`import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken.Payload;`
			`import com.google.api.client.http.HttpTransport;`
			`import com.google.api.client.http.javanet.NetHttpTransport;`
			`import com.google.api.client.json.jackson2.JacksonFactory;`

migrating to spring boot 2017-12-15 00:01:26 +01:00			`import eu.eudat.dao.entities.UserInfoDao;`
			`import eu.eudat.entities.UserInfo;`
			`import eu.eudat.exceptions.NonValidTokenException;`
no message 2018-01-10 17:05:23 +01:00			`import org.springframework.core.env.Environment;`
migrating to spring boot 2017-12-15 00:01:26 +01:00			`import org.springframework.stereotype.Component;`
			`import org.springframework.stereotype.Service;`
Added security over all endpoints. Now need to provide an 'oauth2-token' parameter on each http request. 2017-09-27 18:15:39 +02:00
no message 2017-12-18 16:55:12 +01:00			`import static com.sun.org.apache.xalan.internal.xsltc.compiler.Constants.REDIRECT_URI;`

no message 2018-01-09 12:31:01 +01:00			`@Component("googleTokenValidator")`
Security is now completed... only token-based calls are now permitted. 2017-10-13 17:08:49 +02:00			`public class GoogleTokenValidator implements TokenValidator {`
Added security over all endpoints. Now need to provide an 'oauth2-token' parameter on each http request. 2017-09-27 18:15:39 +02:00
			`private static final HttpTransport transport = new NetHttpTransport();`
no message 2018-01-10 17:05:23 +01:00			`private ApiContext apiContext;`
			`private AuthenticationService authenticationService;`
no message 2017-12-19 17:22:30 +01:00			`private GoogleIdTokenVerifier verifier;`
no message 2018-01-10 17:05:23 +01:00			`private Environment environment;`

			`@Autowired`
			`public GoogleTokenValidator(ApiContext apiContext, Environment environment,AuthenticationService authenticationService){`
			`this.apiContext = apiContext;`
			`this.environment = environment;`
			`this.authenticationService = authenticationService;`
no message 2017-12-19 17:22:30 +01:00			`verifier = new GoogleIdTokenVerifier.Builder(transport, JacksonFactory.getDefaultInstance())`
no message 2018-01-10 17:05:23 +01:00			`.setAudience(Collections.singletonList(this.environment.getProperty("google.login.clientId")))`
no message 2017-12-19 17:22:30 +01:00			`.build();`
no message 2017-12-18 16:55:12 +01:00			`}`

no message 2017-12-19 17:22:30 +01:00			`private GoogleIdToken verifyUserAndGetUser(String idTokenString) throws IOException, GeneralSecurityException {`
			`GoogleIdToken idToken = verifier.verify(idTokenString);`
			`return idToken;`
Added security over all endpoints. Now need to provide an 'oauth2-token' parameter on each http request. 2017-09-27 18:15:39 +02:00			`}`
no message 2017-12-18 16:55:12 +01:00
no message 2017-12-19 17:22:30 +01:00			`@Override`
no message 2018-01-11 12:13:01 +01:00			`public eu.eudat.models.security.Principal validateToken(LoginInfo credentials) throws NonValidTokenException, IOException, GeneralSecurityException {`
Finalized security, distinguish between internal and external users, etc 2017-10-20 12:03:55 +02:00
no message 2018-01-11 12:13:01 +01:00			`GoogleIdToken idToken = this.verifyUserAndGetUser(credentials.getTicket());`
Finalized security, distinguish between internal and external users, etc 2017-10-20 12:03:55 +02:00			`Payload payload = idToken.getPayload();`
no message 2018-01-10 17:05:23 +01:00			`LoginProviderUser user = new LoginProviderUser();`
no message 2018-01-11 12:13:01 +01:00			`user.setSecret(credentials.getTicket());`
no message 2018-01-10 17:05:23 +01:00			`user.setProvider(TokenValidatorFactoryImpl.LoginProvider.GOOGLE);`
			`user.setName((String)payload.get("name"));`
			`user.setEmail(payload.getEmail());`
			`user.setIsVerified(payload.getEmailVerified());`
			`return this.authenticationService.Touch(user);`
Added security over all endpoints. Now need to provide an 'oauth2-token' parameter on each http request. 2017-09-27 18:15:39 +02:00			`}`
no message 2018-01-10 17:05:23 +01:00
Added security over all endpoints. Now need to provide an 'oauth2-token' parameter on each http request. 2017-09-27 18:15:39 +02:00			`}`