Commit 71fff52c authored by Viacheslav Pavlov's avatar Viacheslav Pavlov

Google+ login

parent eb2f50c3
......@@ -17,6 +17,9 @@
package org.genesys2.server.mvc;
import java.io.IOException;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
......@@ -24,15 +27,16 @@ import javax.servlet.http.HttpServletResponse;
import org.genesys.blocks.security.NotUniqueUserException;
import org.genesys.blocks.security.UserException;
import org.genesys.blocks.security.model.BasicUser.AccountType;
import org.genesys.blocks.security.service.PasswordPolicy.PasswordPolicyException;
import org.genesys2.server.model.impl.User;
import org.genesys2.server.service.UserService;
import org.genesys2.server.servlet.util.GoogleOAuthUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.OAuth2Request;
import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
......@@ -43,19 +47,22 @@ import org.springframework.social.google.api.plus.Person;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
@Controller
public class GoogleSocialController extends BaseController {
@Autowired
private UserService userService;
private final AuthenticationSuccessHandler authSuccessHandler = new SavedRequestAwareAuthenticationSuccessHandler();
private final AuthenticationFailureHandler authFailureHandler = new SimpleUrlAuthenticationFailureHandler();
@Autowired
private GoogleOAuthUtil googleOAuthUtil;
@Autowired
private AuthorizationServerTokenServices tokenServices;
@RequestMapping("/google/login")
public void redirectToGoogle(HttpServletResponse response) throws IOException {
response.sendRedirect(googleOAuthUtil.getAuthenticationUrl());
......@@ -84,19 +91,7 @@ public class GoogleSocialController extends BaseController {
final Google google = new GoogleTemplate(accessToken);
final Person userInfo = google.plusOperations().getGoogleProfile();
User user = null;
try {
user = userService.getUserByEmail(userInfo.getAccountEmail());
if (user.getAccountType() == AccountType.LOCAL) {
// account exists, change to {@link LoginType#GOOGLE}
LOG.info("Changing account type to LoginType#GOOGLE");
userService.setAccountType(user, AccountType.GOOGLE);
}
} catch (UsernameNotFoundException e) {
LOG.info("Username not found, creating new Google account");
user = userService.createUser(userInfo.getAccountEmail(), null, userInfo.getDisplayName(), AccountType.GOOGLE);
userService.userEmailValidated(user.getUuid());
}
googleOAuthUtil.extractUserFromGoogleProfile(userInfo);
final Authentication authentication = googleOAuthUtil.googleAuthentication(userInfo);
......@@ -104,4 +99,30 @@ public class GoogleSocialController extends BaseController {
authSuccessHandler.onAuthenticationSuccess(request, response, authentication);
}
/**
* Google XHR auth.
*
* @param accessToken the access token
* @param clientId the client id
* @return the object
*/
@RequestMapping(value = "/google/verify-token", method = RequestMethod.GET)
@ResponseBody
public Object googleAuth(@RequestParam("accessToken") final String accessToken,
@RequestParam("clientId") final String clientId) throws UserException {
final Google google = new GoogleTemplate(accessToken);
final Person userInfo = google.plusOperations().getGoogleProfile();
User user = googleOAuthUtil.extractUserFromGoogleProfile(userInfo);
final Set<String> scope = new HashSet<>(Arrays.asList("trust", "read", "write"));
final OAuth2Request oAuth2Request = new OAuth2Request(null, clientId, user.getAuthorities(), true, scope, null, null, null, null);
final UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(user, null, user.getAuthorities());
final OAuth2Authentication auth = new OAuth2Authentication(oAuth2Request, authenticationToken);
return tokenServices.createAccessToken(auth);
}
}
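Review bot: In `googleAuth`, the Google access token is accepted with no visible check that it was issued to this application, and `clientId` is taken straight from the request. As written, a Google token issued to a different OAuth client for the same user appears to be enough to receive a local token with `trust`, `read` and `write` scope, pre-approved for whatever client id the caller names. Unless `GoogleOAuthUtil` or a filter outside this diff already does it, the token's audience should be compared with the configured Google consumer key before the profile is trusted. The `clientId` should be resolved through `ClientDetailsService.loadClientByClientId(clientId)`, with the granted scope limited to what that client has registered. The token should also travel in a POST body, `@RequestMapping(value = "/google/verify-token", method = RequestMethod.POST)`, so it does not land in access logs and browser history.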
......@@ -33,6 +33,10 @@ import org.apache.http.client.utils.URLEncodedUtils;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.message.BasicNameValuePair;
import org.genesys.blocks.security.UserException;
import org.genesys.blocks.security.model.BasicUser;
import org.genesys2.server.model.impl.User;
import org.genesys2.server.service.UserService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
......@@ -65,6 +69,9 @@ public class GoogleOAuthUtil {
@Value("${google.consumerSecret}")
private String secret;
@Autowired
private UserService userService;
@Autowired
@Named("authUserDetailsService")
private UserDetailsService userDetailsService;
......@@ -136,4 +143,24 @@ public class GoogleOAuthUtil {
return null;
}
}
public User extractUserFromGoogleProfile(Person userInfo) throws UserException {
User user = null;
try {
user = userService.getUserByEmail(userInfo.getAccountEmail());
if(user == null){
throw new UsernameNotFoundException("User not found");
}
if (user.getAccountType() == BasicUser.AccountType.LOCAL) {
// account exists, change to {@link LoginType#GOOGLE}
LOG.info("Changing account type to LoginType#GOOGLE");
userService.setAccountType(user, BasicUser.AccountType.GOOGLE);
}
} catch (UsernameNotFoundException e) {
LOG.info("Username not found, creating new Google account");
user = userService.createUser(userInfo.getAccountEmail(), userInfo.getDisplayName(),null, BasicUser.AccountType.GOOGLE);
userService.userEmailValidated(user.getUuid());
}
return user;
}
}
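Review bot: `extractUserFromGoogleProfile` uses `userInfo.getAccountEmail()` as the only key for linking to or creating an account, with no check that it is present. If the profile comes back without an email (for example when the token lacks the email scope, which this diff cannot confirm), the lookup and `createUser` run with a null address; a guard such as `if (email == null || email.trim().isEmpty())` that throws before `getUserByEmail` would reject the login first. The LOCAL to GOOGLE switch also changes how an existing account authenticates purely on an email match, and its log line does not say which account was changed; `LOG.info("Changing account type to GOOGLE for user {}", user.getUuid());` would make that auditable. The `createUser` argument order here differs from the call removed from the controller (display name and `null` are swapped), so it is worth confirming against the `UserService` signature.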