Additional fixes for Google+ login

2cc9f8c2 · Matija Obreza · d00c6c7c · 2cc9f8c2 · 2cc9f8c2 · 2cc9f8c2
Commit 2cc9f8c2 authored Jan 24, 2014 by Matija Obreza
7 changed files
--- a/src/main/java/org/genesys2/server/service/UserService.java
+++ b/src/main/java/org/genesys2/server/service/UserService.java
@@ -22,7 +22,6 @@ import org.genesys2.server.model.wrapper.UserWrapper;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.Pageable;
 import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.social.google.api.userinfo.GoogleUserInfo;

 public interface UserService {

@@ -72,6 +71,4 @@ public interface UserService {
 	void setAccountLockLocal(String uuid, boolean locked);

 	void userEmailValidated(String uuid);
-
-    void googleAuthentication(GoogleUserInfo userInfo);
 }
--- a/src/main/java/org/genesys2/server/service/impl/UserServiceImpl.java
+++ b/src/main/java/org/genesys2/server/service/impl/UserServiceImpl.java
@@ -16,6 +16,12 @@

 package org.genesys2.server.service.impl;

+import java.util.ArrayList;
+import java.util.Date;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.genesys2.server.exception.NoUserFoundException;
@@ -43,12 +49,9 @@ import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.crypto.password.PasswordEncoder;
-import org.springframework.social.google.api.userinfo.GoogleUserInfo;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;

-import java.util.*;
-
 @Service
 @Transactional(readOnly = true)
 public class UserServiceImpl implements UserService {
@@ -350,25 +353,6 @@ public class UserServiceImpl implements UserService {
 		}
 	}

-	@Override
-	public void googleAuthentication(GoogleUserInfo userInfo) {
-		User user = getUserByEmail(userInfo.getEmail());
-
-		if (user == null) {
-			LOG.warn("Authentication with Google+ failed: No such user " + userInfo.getEmail());
-		}
-
-		List<GrantedAuthority> grantedAuthorities = new ArrayList<>();
-		grantedAuthorities.add(new SimpleGrantedAuthority("USER"));
-		grantedAuthorities.add(new SimpleGrantedAuthority("VALIDATEDUSER"));
-
-		AuthUserDetails userDetails = new AuthUserDetails(user.getUuid(), user.getPassword(), grantedAuthorities);
-		userDetails.setUser(user);
-
-		Authentication authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
-		SecurityContextHolder.getContext().setAuthentication(authentication);
-	}
-
 	private void addRoleToCurrentUser(User user, String role) {
 		Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();


--- a/src/main/java/org/genesys2/server/servlet/controller/GoogleSocialController.java
+++ b/src/main/java/org/genesys2/server/servlet/controller/GoogleSocialController.java
@@ -56,7 +56,7 @@ public class GoogleSocialController extends BaseController {
 			userService.userEmailValidated(user.getUuid());
 		}

-		userService.googleAuthentication(userInfo);
+		googleOAuthUtil.googleAuthentication(userInfo);

 		return "redirect:/";
 	}

--- a/src/main/java/org/genesys2/server/servlet/util/GoogleOAuthUtil.java
+++ b/src/main/java/org/genesys2/server/servlet/util/GoogleOAuthUtil.java
@@ -6,8 +6,11 @@ import java.io.InputStreamReader;
 import java.util.ArrayList;
 import java.util.List;

+import javax.inject.Named;
 import javax.servlet.http.HttpServletRequest;

+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
 import org.apache.http.HttpResponse;
 import org.apache.http.NameValuePair;
 import org.apache.http.client.HttpClient;
@@ -18,11 +21,20 @@ import org.apache.http.impl.client.DefaultHttpClient;
 import org.apache.http.message.BasicNameValuePair;
 import org.json.JSONException;
 import org.json.JSONObject;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.social.google.api.userinfo.GoogleUserInfo;
 import org.springframework.stereotype.Component;

 @Component
 public class GoogleOAuthUtil {
+	private static final Log LOG = LogFactory.getLog(GoogleOAuthUtil.class);
 	public static final String LOCAL_GOOGLEAUTH_PATH = "/google/auth";

 	@Value("${base.url}")
@@ -34,6 +46,10 @@ public class GoogleOAuthUtil {
 	@Value("${google.consumerSecret}")
 	private String secret;

+	@Autowired
+	@Named("authUserDetailsService")
+	private UserDetailsService userDetailsService;
+
 	public String exchangeForAccessToken(HttpServletRequest request) throws IOException, JSONException {
 		HttpClient httpclient = new DefaultHttpClient();
 		HttpPost httppost = new HttpPost("https://accounts.google.com/o/oauth2/token");
@@ -69,10 +85,27 @@ public class GoogleOAuthUtil {
 		parameters.add(new BasicNameValuePair("approval_prompt", "auto"));
 		parameters.add(new BasicNameValuePair("access_type", "online"));
 		parameters.add(new BasicNameValuePair("include_granted_scopes", "true"));
-		// Google+ "https://www.googleapis.com/auth/plus.login https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile"));
+		// Google+
+		// "https://www.googleapis.com/auth/plus.login https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile"));
 		// Only basic:
 		parameters.add(new BasicNameValuePair("scope", "https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email"));
 		String query = URLEncodedUtils.format(parameters, "UTF-8");
 		return "https://accounts.google.com/o/oauth2/auth?" + query;
 	}
+
+	public void googleAuthentication(GoogleUserInfo userInfo) {
+		try {
+			UserDetails userDetails = userDetailsService.loadUserByUsername(userInfo.getEmail());
+
+			if (!(userDetails.isEnabled() && userDetails.isAccountNonExpired() && userDetails.isAccountNonLocked() && userDetails.isCredentialsNonExpired())) {
+				LOG.warn("Google login canceled: Account currently not available: " + userInfo.getEmail());
+				return;
+			}
+
+			Authentication authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
+			SecurityContextHolder.getContext().setAuthentication(authentication);
+		} catch (UsernameNotFoundException e) {
+			LOG.warn("Authentication with Google+ failed: No such user " + userInfo.getEmail());
+		}
+	}
 }
--- a/src/main/resources/spring/application-context.xml
+++ b/src/main/resources/spring/application-context.xml
@@ -22,6 +22,7 @@
       http://www.springframework.org/schema/aop
       http://www.springframework.org/schema/aop/spring-aop-3.2.xsd">

+	<context:property-placeholder ignore-resource-not-found="true" location="classpath:/application.properties,classpath:/spring/spring.properties,classpath:/genesys.properties" />

 	<!-- This ensures things are loaded in correct order -->
 	<import resource="spring-common.xml" />

--- a/src/main/resources/spring/spring-db.xml
+++ b/src/main/resources/spring/spring-db.xml
@@ -54,9 +54,6 @@
 				<prop key="hibernate.hbm2ddl.auto">${db.hbm2ddl}</prop>
 				<prop key="hibernate.search.default.indexBase">${lucene.indexDir}</prop>
 				<prop key="hibernate.search.default.exclusive_index_use">false</prop>
-                <prop key="hibernate.connection.CharSet">utf8</prop>
-                <prop key="hibernate.connection.characterEncoding">utf8</prop>
-                <prop key="hibernate.connection.useUnicode">true</prop>
 			</props>
 		</property>
 		<property name="packagesToScan">

--- a/src/main/resources/spring/spring-mail.xml
+++ b/src/main/resources/spring/spring-mail.xml
@@ -23,9 +23,7 @@
       http://www.springframework.org/schema/context/spring-context-3.2.xsd"
       default-autowire="no">

-    <context:component-scan base-package="org.genesys2.server"/>
-
-    <context:property-placeholder ignore-resource-not-found="true" location="classpath:/spring/spring.properties"/>
+	<context:property-placeholder ignore-resource-not-found="true" location="classpath:/application.properties,classpath:/spring/spring.properties,classpath:/genesys.properties" />

    <bean id="mailSender" class="org.springframework.mail.javamail.JavaMailSenderImpl">
        <property name="host" value="${mail.host}"/>