Commit 2cc9f8c2 authored by Matija Obreza's avatar Matija Obreza

Additional fixes for Google+ login

parent d00c6c7c
...@@ -22,7 +22,6 @@ import org.genesys2.server.model.wrapper.UserWrapper; ...@@ -22,7 +22,6 @@ import org.genesys2.server.model.wrapper.UserWrapper;
import org.springframework.data.domain.Page; import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable; import org.springframework.data.domain.Pageable;
import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.social.google.api.userinfo.GoogleUserInfo;
public interface UserService { public interface UserService {
...@@ -72,6 +71,4 @@ public interface UserService { ...@@ -72,6 +71,4 @@ public interface UserService {
void setAccountLockLocal(String uuid, boolean locked); void setAccountLockLocal(String uuid, boolean locked);
void userEmailValidated(String uuid); void userEmailValidated(String uuid);
void googleAuthentication(GoogleUserInfo userInfo);
} }
...@@ -16,6 +16,12 @@ ...@@ -16,6 +16,12 @@
package org.genesys2.server.service.impl; package org.genesys2.server.service.impl;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.genesys2.server.exception.NoUserFoundException; import org.genesys2.server.exception.NoUserFoundException;
...@@ -43,12 +49,9 @@ import org.springframework.security.core.authority.SimpleGrantedAuthority; ...@@ -43,12 +49,9 @@ import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.social.google.api.userinfo.GoogleUserInfo;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional; import org.springframework.transaction.annotation.Transactional;
import java.util.*;
@Service @Service
@Transactional(readOnly = true) @Transactional(readOnly = true)
public class UserServiceImpl implements UserService { public class UserServiceImpl implements UserService {
...@@ -350,25 +353,6 @@ public class UserServiceImpl implements UserService { ...@@ -350,25 +353,6 @@ public class UserServiceImpl implements UserService {
} }
} }
@Override
public void googleAuthentication(GoogleUserInfo userInfo) {
User user = getUserByEmail(userInfo.getEmail());
if (user == null) {
LOG.warn("Authentication with Google+ failed: No such user " + userInfo.getEmail());
}
List<GrantedAuthority> grantedAuthorities = new ArrayList<>();
grantedAuthorities.add(new SimpleGrantedAuthority("USER"));
grantedAuthorities.add(new SimpleGrantedAuthority("VALIDATEDUSER"));
AuthUserDetails userDetails = new AuthUserDetails(user.getUuid(), user.getPassword(), grantedAuthorities);
userDetails.setUser(user);
Authentication authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
SecurityContextHolder.getContext().setAuthentication(authentication);
}
private void addRoleToCurrentUser(User user, String role) { private void addRoleToCurrentUser(User user, String role) {
Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal(); Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
......
...@@ -56,7 +56,7 @@ public class GoogleSocialController extends BaseController { ...@@ -56,7 +56,7 @@ public class GoogleSocialController extends BaseController {
userService.userEmailValidated(user.getUuid()); userService.userEmailValidated(user.getUuid());
} }
userService.googleAuthentication(userInfo); googleOAuthUtil.googleAuthentication(userInfo);
return "redirect:/"; return "redirect:/";
} }
......
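Review bot: The handler returns `redirect:/` whether or not `googleOAuthUtil.googleAuthentication(userInfo)` established a login, because that method is void and only writes `LOG.warn` when the account is missing, locked, disabled or expired. A user whose login was refused lands on the home page unauthenticated with no explanation, and the refusal is invisible to anything but the log. Consider returning a boolean from the method and branching here, e.g. `if (!googleOAuthUtil.googleAuthentication(userInfo)) return "redirect:<login-page-with-error>";` (placeholder target; use the project's own login route). The enclosing handler method starts outside this hunk, so any earlier checks on `userInfo` are not visible.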
...@@ -6,8 +6,11 @@ import java.io.InputStreamReader; ...@@ -6,8 +6,11 @@ import java.io.InputStreamReader;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;
import javax.inject.Named;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.http.HttpResponse; import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair; import org.apache.http.NameValuePair;
import org.apache.http.client.HttpClient; import org.apache.http.client.HttpClient;
...@@ -18,11 +21,20 @@ import org.apache.http.impl.client.DefaultHttpClient; ...@@ -18,11 +21,20 @@ import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicNameValuePair; import org.apache.http.message.BasicNameValuePair;
import org.json.JSONException; import org.json.JSONException;
import org.json.JSONObject; import org.json.JSONObject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value; import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.social.google.api.userinfo.GoogleUserInfo;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
@Component @Component
public class GoogleOAuthUtil { public class GoogleOAuthUtil {
private static final Log LOG = LogFactory.getLog(GoogleOAuthUtil.class);
public static final String LOCAL_GOOGLEAUTH_PATH = "/google/auth"; public static final String LOCAL_GOOGLEAUTH_PATH = "/google/auth";
@Value("${base.url}") @Value("${base.url}")
...@@ -34,6 +46,10 @@ public class GoogleOAuthUtil { ...@@ -34,6 +46,10 @@ public class GoogleOAuthUtil {
@Value("${google.consumerSecret}") @Value("${google.consumerSecret}")
private String secret; private String secret;
@Autowired
@Named("authUserDetailsService")
private UserDetailsService userDetailsService;
public String exchangeForAccessToken(HttpServletRequest request) throws IOException, JSONException { public String exchangeForAccessToken(HttpServletRequest request) throws IOException, JSONException {
HttpClient httpclient = new DefaultHttpClient(); HttpClient httpclient = new DefaultHttpClient();
HttpPost httppost = new HttpPost("https://accounts.google.com/o/oauth2/token"); HttpPost httppost = new HttpPost("https://accounts.google.com/o/oauth2/token");
...@@ -69,10 +85,27 @@ public class GoogleOAuthUtil { ...@@ -69,10 +85,27 @@ public class GoogleOAuthUtil {
parameters.add(new BasicNameValuePair("approval_prompt", "auto")); parameters.add(new BasicNameValuePair("approval_prompt", "auto"));
parameters.add(new BasicNameValuePair("access_type", "online")); parameters.add(new BasicNameValuePair("access_type", "online"));
parameters.add(new BasicNameValuePair("include_granted_scopes", "true")); parameters.add(new BasicNameValuePair("include_granted_scopes", "true"));
// Google+ "https://www.googleapis.com/auth/plus.login https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile")); // Google+
// "https://www.googleapis.com/auth/plus.login https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile"));
// Only basic: // Only basic:
parameters.add(new BasicNameValuePair("scope", "https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email")); parameters.add(new BasicNameValuePair("scope", "https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email"));
String query = URLEncodedUtils.format(parameters, "UTF-8"); String query = URLEncodedUtils.format(parameters, "UTF-8");
return "https://accounts.google.com/o/oauth2/auth?" + query; return "https://accounts.google.com/o/oauth2/auth?" + query;
} }
public void googleAuthentication(GoogleUserInfo userInfo) {
try {
UserDetails userDetails = userDetailsService.loadUserByUsername(userInfo.getEmail());
if (!(userDetails.isEnabled() && userDetails.isAccountNonExpired() && userDetails.isAccountNonLocked() && userDetails.isCredentialsNonExpired())) {
LOG.warn("Google login canceled: Account currently not available: " + userInfo.getEmail());
return;
}
Authentication authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
SecurityContextHolder.getContext().setAuthentication(authentication);
} catch (UsernameNotFoundException e) {
LOG.warn("Authentication with Google+ failed: No such user " + userInfo.getEmail());
}
}
} }
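Review bot: `googleAuthentication` signs in whichever local account matches `userInfo.getEmail()`, and nothing visible in this hunk confirms that Google reports that address as verified, so the e-mail string alone acts as the credential. Before calling `loadUserByUsername`, check the verified-email flag of the userinfo response (or link accounts on the stable Google account id instead of the e-mail) and refuse the login otherwise. Writing the token straight into `SecurityContextHolder` also bypasses the filter-driven login path, so as far as this hunk shows the configured session-authentication strategy (session-fixation protection) is not applied and the pre-login session id is kept; re-issue the session at this point. A null or empty e-mail is passed to `loadUserByUsername` unchecked, and the address is concatenated into the `LOG.warn` messages unsanitised, so add `if (userInfo == null || userInfo.getEmail() == null) return;` and strip line breaks before logging.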
...@@ -22,6 +22,7 @@ ...@@ -22,6 +22,7 @@
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop-3.2.xsd"> http://www.springframework.org/schema/aop/spring-aop-3.2.xsd">
<context:property-placeholder ignore-resource-not-found="true" location="classpath:/application.properties,classpath:/spring/spring.properties,classpath:/genesys.properties" />
<!-- This ensures things are loaded in correct order --> <!-- This ensures things are loaded in correct order -->
<import resource="spring-common.xml" /> <import resource="spring-common.xml" />
......
...@@ -54,9 +54,6 @@ ...@@ -54,9 +54,6 @@
<prop key="hibernate.hbm2ddl.auto">${db.hbm2ddl}</prop> <prop key="hibernate.hbm2ddl.auto">${db.hbm2ddl}</prop>
<prop key="hibernate.search.default.indexBase">${lucene.indexDir}</prop> <prop key="hibernate.search.default.indexBase">${lucene.indexDir}</prop>
<prop key="hibernate.search.default.exclusive_index_use">false</prop> <prop key="hibernate.search.default.exclusive_index_use">false</prop>
<prop key="hibernate.connection.CharSet">utf8</prop>
<prop key="hibernate.connection.characterEncoding">utf8</prop>
<prop key="hibernate.connection.useUnicode">true</prop>
</props> </props>
</property> </property>
<property name="packagesToScan"> <property name="packagesToScan">
......
...@@ -23,9 +23,7 @@ ...@@ -23,9 +23,7 @@
http://www.springframework.org/schema/context/spring-context-3.2.xsd" http://www.springframework.org/schema/context/spring-context-3.2.xsd"
default-autowire="no"> default-autowire="no">
<context:component-scan base-package="org.genesys2.server"/> <context:property-placeholder ignore-resource-not-found="true" location="classpath:/application.properties,classpath:/spring/spring.properties,classpath:/genesys.properties" />
<context:property-placeholder ignore-resource-not-found="true" location="classpath:/spring/spring.properties"/>
<bean id="mailSender" class="org.springframework.mail.javamail.JavaMailSenderImpl"> <bean id="mailSender" class="org.springframework.mail.javamail.JavaMailSenderImpl">
<property name="host" value="${mail.host}"/> <property name="host" value="${mail.host}"/>
......