com.google.api.client.extensions.appengine.auth.oauth2

Class AbstractAppEngineAuthorizationCodeServlet

java.lang.Object

javax.servlet.GenericServlet

javax.servlet.http.HttpServlet

com.google.api.client.extensions.servlet.auth.oauth2.AbstractAuthorizationCodeServlet

com.google.api.client.extensions.appengine.auth.oauth2.AbstractAppEngineAuthorizationCodeServlet

All Implemented Interfaces:

Serializable, javax.servlet.Servlet, javax.servlet.ServletConfig

public abstract class AbstractAppEngineAuthorizationCodeServlet
extends AbstractAuthorizationCodeServlet

Simple extension of AbstractAuthorizationCodeServlet that uses the currently logged-in Google Account user, as directed in Security and Authentication.

Note that if there is no currently logged-in user, getUserId(HttpServletRequest) will throw a NullPointerException. Example to require login for all pages:

  <security-constraint>
    <web-resource-collection>
      <web-resource-name>any</web-resource-name>
      <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>*</role-name>
    </auth-constraint>
  </security-constraint>
 

Sample usage:

public class ServletSample extends AbstractAppEngineAuthorizationCodeServlet {

  @Override
  protected void doGet(HttpServletRequest request, HttpServletResponse response)
      throws IOException {
    // do stuff
  }

  @Override
  protected String getRedirectUri(HttpServletRequest req) throws ServletException, IOException {
    GenericUrl url = new GenericUrl(req.getRequestURL().toString());
    url.setRawPath("/oauth2callback");
    return url.build();
  }

  @Override
  protected AuthorizationCodeFlow initializeFlow() throws IOException {
    return new AuthorizationCodeFlow.Builder(BearerToken.authorizationHeaderAccessMethod(),
        new UrlFetchTransport(),
        new JacksonFactory(),
        new GenericUrl("https://server.example.com/token"),
        new BasicAuthentication("s6BhdRkqt3", "7Fjfp0ZBr1KtDRbnfVdmIw"),
        "s6BhdRkqt3",
        "https://server.example.com/authorize").setCredentialStore(new AppEngineCredentialStore())
        .build();
  }
}
 

Since:

1.7

Author:

Yaniv Inbar

See Also:

Serialized Form

Constructor Summary

Constructors

Constructor and Description
AbstractAppEngineAuthorizationCodeServlet()

Method Summary

Methods

Modifier and Type	Method and Description
protected String	getUserId(javax.servlet.http.HttpServletRequest req)

Methods inherited from class com.google.api.client.extensions.servlet.auth.oauth2.AbstractAuthorizationCodeServlet

getCredential, getRedirectUri, initializeFlow, onAuthorization, service

Methods inherited from class javax.servlet.http.HttpServlet

doDelete, doGet, doHead, doOptions, doPost, doPut, doTrace, getLastModified, service

Methods inherited from class javax.servlet.GenericServlet

destroy, getInitParameter, getInitParameterNames, getServletConfig, getServletContext, getServletInfo, getServletName, init, init, log, log

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AbstractAppEngineAuthorizationCodeServlet

public AbstractAppEngineAuthorizationCodeServlet()

Method Detail

getUserId

protected String getUserId(javax.servlet.http.HttpServletRequest req)
                    throws javax.servlet.ServletException,
                           IOException

Specified by:

getUserId in class AbstractAuthorizationCodeServlet

Throws:

javax.servlet.ServletException

IOException