Commit 71fff52c authored by Viacheslav Pavlov's avatar Viacheslav Pavlov

Google+ login

parent eb2f50c3
...@@ -17,6 +17,9 @@ ...@@ -17,6 +17,9 @@
package org.genesys2.server.mvc; package org.genesys2.server.mvc;
import java.io.IOException; import java.io.IOException;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;
import javax.servlet.ServletException; import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
...@@ -24,15 +27,16 @@ import javax.servlet.http.HttpServletResponse; ...@@ -24,15 +27,16 @@ import javax.servlet.http.HttpServletResponse;
import org.genesys.blocks.security.NotUniqueUserException; import org.genesys.blocks.security.NotUniqueUserException;
import org.genesys.blocks.security.UserException; import org.genesys.blocks.security.UserException;
import org.genesys.blocks.security.model.BasicUser.AccountType;
import org.genesys.blocks.security.service.PasswordPolicy.PasswordPolicyException; import org.genesys.blocks.security.service.PasswordPolicy.PasswordPolicyException;
import org.genesys2.server.model.impl.User; import org.genesys2.server.model.impl.User;
import org.genesys2.server.service.UserService;
import org.genesys2.server.servlet.util.GoogleOAuthUtil; import org.genesys2.server.servlet.util.GoogleOAuthUtil;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.OAuth2Request;
import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
import org.springframework.security.web.authentication.AuthenticationFailureHandler; import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler; import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler; import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
...@@ -43,19 +47,22 @@ import org.springframework.social.google.api.plus.Person; ...@@ -43,19 +47,22 @@ import org.springframework.social.google.api.plus.Person;
import org.springframework.stereotype.Controller; import org.springframework.stereotype.Controller;
import org.springframework.ui.Model; import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
@Controller @Controller
public class GoogleSocialController extends BaseController { public class GoogleSocialController extends BaseController {
@Autowired
private UserService userService;
private final AuthenticationSuccessHandler authSuccessHandler = new SavedRequestAwareAuthenticationSuccessHandler(); private final AuthenticationSuccessHandler authSuccessHandler = new SavedRequestAwareAuthenticationSuccessHandler();
private final AuthenticationFailureHandler authFailureHandler = new SimpleUrlAuthenticationFailureHandler(); private final AuthenticationFailureHandler authFailureHandler = new SimpleUrlAuthenticationFailureHandler();
@Autowired @Autowired
private GoogleOAuthUtil googleOAuthUtil; private GoogleOAuthUtil googleOAuthUtil;
@Autowired
private AuthorizationServerTokenServices tokenServices;
@RequestMapping("/google/login") @RequestMapping("/google/login")
public void redirectToGoogle(HttpServletResponse response) throws IOException { public void redirectToGoogle(HttpServletResponse response) throws IOException {
response.sendRedirect(googleOAuthUtil.getAuthenticationUrl()); response.sendRedirect(googleOAuthUtil.getAuthenticationUrl());
...@@ -84,19 +91,7 @@ public class GoogleSocialController extends BaseController { ...@@ -84,19 +91,7 @@ public class GoogleSocialController extends BaseController {
final Google google = new GoogleTemplate(accessToken); final Google google = new GoogleTemplate(accessToken);
final Person userInfo = google.plusOperations().getGoogleProfile(); final Person userInfo = google.plusOperations().getGoogleProfile();
User user = null; googleOAuthUtil.extractUserFromGoogleProfile(userInfo);
try {
user = userService.getUserByEmail(userInfo.getAccountEmail());
if (user.getAccountType() == AccountType.LOCAL) {
// account exists, change to {@link LoginType#GOOGLE}
LOG.info("Changing account type to LoginType#GOOGLE");
userService.setAccountType(user, AccountType.GOOGLE);
}
} catch (UsernameNotFoundException e) {
LOG.info("Username not found, creating new Google account");
user = userService.createUser(userInfo.getAccountEmail(), null, userInfo.getDisplayName(), AccountType.GOOGLE);
userService.userEmailValidated(user.getUuid());
}
final Authentication authentication = googleOAuthUtil.googleAuthentication(userInfo); final Authentication authentication = googleOAuthUtil.googleAuthentication(userInfo);
...@@ -104,4 +99,30 @@ public class GoogleSocialController extends BaseController { ...@@ -104,4 +99,30 @@ public class GoogleSocialController extends BaseController {
authSuccessHandler.onAuthenticationSuccess(request, response, authentication); authSuccessHandler.onAuthenticationSuccess(request, response, authentication);
} }
/**
* Google XHR auth.
*
* @param accessToken the access token
* @param clientId the client id
* @return the object
*/
@RequestMapping(value = "/google/verify-token", method = RequestMethod.GET)
@ResponseBody
public Object googleAuth(@RequestParam("accessToken") final String accessToken,
@RequestParam("clientId") final String clientId) throws UserException {
final Google google = new GoogleTemplate(accessToken);
final Person userInfo = google.plusOperations().getGoogleProfile();
User user = googleOAuthUtil.extractUserFromGoogleProfile(userInfo);
final Set<String> scope = new HashSet<>(Arrays.asList("trust", "read", "write"));
final OAuth2Request oAuth2Request = new OAuth2Request(null, clientId, user.getAuthorities(), true, scope, null, null, null, null);
final UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(user, null, user.getAuthorities());
final OAuth2Authentication auth = new OAuth2Authentication(oAuth2Request, authenticationToken);
return tokenServices.createAccessToken(auth);
}
} }
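Review bot: `googleAuth` mints a local OAuth2 token with scopes `trust`, `read` and `write` for whatever `clientId` the caller supplies, and nothing visible in the hunk checks that this client is registered or that the Google access token was issued to this application. As written, a Google token obtained by a different application for the same user would appear to be accepted, so the token's audience should be compared with the configured Google client id before `extractUserFromGoogleProfile` is called, and the client and its scope should be taken from the registered client details rather than from the request. The access token also travels in the query string of a GET, where it ends up in access logs and proxies; `@RequestMapping(value = "/google/verify-token", method = RequestMethod.POST)` with the token in the body or a header avoids that. The Javadoc should say that the method returns the newly created access token and which failures it reports, instead of `@return the object`.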
...@@ -33,6 +33,10 @@ import org.apache.http.client.utils.URLEncodedUtils; ...@@ -33,6 +33,10 @@ import org.apache.http.client.utils.URLEncodedUtils;
import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder; import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.message.BasicNameValuePair; import org.apache.http.message.BasicNameValuePair;
import org.genesys.blocks.security.UserException;
import org.genesys.blocks.security.model.BasicUser;
import org.genesys2.server.model.impl.User;
import org.genesys2.server.service.UserService;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
...@@ -65,6 +69,9 @@ public class GoogleOAuthUtil { ...@@ -65,6 +69,9 @@ public class GoogleOAuthUtil {
@Value("${google.consumerSecret}") @Value("${google.consumerSecret}")
private String secret; private String secret;
@Autowired
private UserService userService;
@Autowired @Autowired
@Named("authUserDetailsService") @Named("authUserDetailsService")
private UserDetailsService userDetailsService; private UserDetailsService userDetailsService;
...@@ -136,4 +143,24 @@ public class GoogleOAuthUtil { ...@@ -136,4 +143,24 @@ public class GoogleOAuthUtil {
return null; return null;
} }
} }
public User extractUserFromGoogleProfile(Person userInfo) throws UserException {
User user = null;
try {
user = userService.getUserByEmail(userInfo.getAccountEmail());
if(user == null){
throw new UsernameNotFoundException("User not found");
}
if (user.getAccountType() == BasicUser.AccountType.LOCAL) {
// account exists, change to {@link LoginType#GOOGLE}
LOG.info("Changing account type to LoginType#GOOGLE");
userService.setAccountType(user, BasicUser.AccountType.GOOGLE);
}
} catch (UsernameNotFoundException e) {
LOG.info("Username not found, creating new Google account");
user = userService.createUser(userInfo.getAccountEmail(), userInfo.getDisplayName(),null, BasicUser.AccountType.GOOGLE);
userService.userEmailValidated(user.getUuid());
}
return user;
}
} }
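Review bot: The `createUser` call in the `catch` block passes `userInfo.getDisplayName()` as the second argument and `null` as the third, while the code removed from `GoogleSocialController` passed `null` second and the display name third. Unless the `UserService.createUser` signature changed in a part of the commit not shown here, the display name now lands in the slot that previously received `null` (presumably the password), so the order should be confirmed or restored to `userService.createUser(userInfo.getAccountEmail(), null, userInfo.getDisplayName(), BasicUser.AccountType.GOOGLE);`. The method also never checks `userInfo.getAccountEmail()` for null or empty before it looks up, converts or creates an account; a guard at the top that rejects a profile without an address would keep an account from being matched or created on a missing value.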