使用Google OAuth2 API对Google App用户进行身份验证 [英] Authenticate Google App users with Google OAuth2 API

问题描述

我想知道是否可以使用Google客户端api（java）向我的应用程序验证谷歌应用程序域的用户。
目标应用程序是使用REST后端（球衣）的Web应用程序。

文档不是很清楚（或者我误解了它），并且文档中的示例引用了弃用的类...有人知道这是否可行，也是最好的办法。

一个代码示例会很感激。

解决方案

Google Apps帐户应该可以正常使用这些API。

唯一的例外是如果服务被域管理员禁用。例如，如果网域管理员停用了Google+功能，则无法访问该用户的Google+数据。

无需更改代码，因此您应该可以使用客户端库存储库中的样本或产品特定样本（如这个用于Google+的。

Google+初学者项目首先通过在 com.google中扩展 AbstractAuthorizationCodeServlet 来实现OAuth流程.api.sample.OAuth2AuthorizationCodeServlet

  public class OAuth2AuthorizationCodeServlet 
 extends AbstractAuthorizationCodeServlet {
 / ** 
 *如果用户已经在
 * AuthorizationCodeFlow中保存了一个有效的凭证，它们将被简单地返回到主页。 
 * / 
 @Override 
 protected void doGet（HttpServletRequest请求，HttpServletResponse响应）
 throws ServletException，IOException {
 response.sendRedirect（/）; 
} 
 
 / ** 
 *返回使用认证结果重定向到的URI。 
 * / 
 @Override 
保护字符串getRedirectUri（HttpServletRequest请求）
抛出ServletException，IOException {
返回ConfigHelper.REDIRECT_URI; 
} 
 
 / ** 
 *返回HTTP会话ID作为当前用户的标识符。 
 *用户凭证根据此ID存储。 
 * / 
 @Override 
 protected String getUserId（HttpServletRequest request）
 throws ServletException，IOException {
 return request.getSession（true）.getId（）; 
 
 $ b @Override 
 protected AuthorizationCodeFlow initializeFlow（）抛出ServletException，
 IOException {
 return Util.getFlow（）; 
} 
} 
  

然后通过完成 com.google.api.sample.Oauth2CallbackServlet 通过扩展 AbstractAuthorizationCodeCallbackServlet ：

<$ p
保护无效onSuccess（HttpServletRequest请求，
HttpServletResponse响应，凭证凭证）
public class OAuth2CallbackServlet
extends AbstractAuthorizationCodeCallbackServlet {
@Override
抛出ServletException，IOException {
response.sendRedirect（/）;

$ b @Override
protected void onError（HttpServletRequest req，HttpServletResponse resp，
AuthorizationCodeResponseUrl errorResponse）
throws ServletException，IOException {
resp .sendError（SC_INTERNAL_SERVER_ERROR，Something wrong wrong :(）;
}

@Override
protected String getRedirectUri（HttpServletRequest request）
throws ServletException，IOException {
返回ConfigHelper.REDIRECT_URI;
}

@Override
protected AuthorizationCodeFlow initializeFlow（）
抛出IOException {
return Util.getFlow（）;

$ b @Override
protected String getUserId（HttpServletRequest request）throws ServletException，IOException {
return request.getSession（true）.getId（）;
}

}

I'm wondering if I can use the google client api (java) to authenticate the users of a google apps domain to my application. The target application is a web application using a REST backend (jersey).

The documentation isn't very clear (or I misunderstood it), and the samples in the documentation refers to deprecated classes... Does someone knows if it's possible and the best way to do it.

A code sample would be appreciate.

解决方案

Google Apps accounts should work fine with the APIs.

The only exception to this is if the service is disabled by the domain administrator. For example, if the Google+ feature is disabled by the domain administrator, you're not going to be able to access that user's Google+ data.

No code change is necessary, so you should be able to use the code from any of the samples in the client library repository or the product specific samples like this one for Google+.

The Google+ starter project implements the OAuth flow first by extending AbstractAuthorizationCodeServlet in com.google.api.sample.OAuth2AuthorizationCodeServlet

public class OAuth2AuthorizationCodeServlet 
    extends AbstractAuthorizationCodeServlet {
    /**
     * If the user already has a valid credential held in the 
     * AuthorizationCodeFlow they are simply returned to the home page.
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
                    throws ServletException, IOException {
        response.sendRedirect("/");
    }

    /**
     * Returns the URI to redirect to with the authentication result.
     */
    @Override
    protected String getRedirectUri(HttpServletRequest request)
                    throws ServletException, IOException {
        return ConfigHelper.REDIRECT_URI;
    }

    /**
     * Returns the HTTP session id as the identifier for the current user.  
     * The users credentials are stored against this ID.
     */
    @Override
    protected String getUserId(HttpServletRequest request)
                    throws ServletException, IOException {
        return request.getSession(true).getId();
    }

    @Override
    protected AuthorizationCodeFlow initializeFlow() throws ServletException,
                    IOException {
        return Util.getFlow();
    }
}

And then by completing the flow in com.google.api.sample.Oauth2CallbackServlet by extending AbstractAuthorizationCodeCallbackServlet:

public class OAuth2CallbackServlet 
    extends AbstractAuthorizationCodeCallbackServlet {    
    @Override
    protected void onSuccess(HttpServletRequest request, 
            HttpServletResponse response, Credential credential)
            throws ServletException, IOException {
        response.sendRedirect("/");
    }

    @Override
    protected void onError(HttpServletRequest req, HttpServletResponse resp, 
            AuthorizationCodeResponseUrl errorResponse)
            throws ServletException, IOException {
        resp.sendError(SC_INTERNAL_SERVER_ERROR, "Something went wrong :(");
    }

    @Override
    protected String getRedirectUri(HttpServletRequest request) 
            throws ServletException, IOException {
        return ConfigHelper.REDIRECT_URI;
    }

    @Override
    protected AuthorizationCodeFlow initializeFlow() 
            throws IOException {
        return Util.getFlow();
    }

    @Override
    protected String getUserId(HttpServletRequest request) throws ServletException, IOException {
        return  request.getSession(true).getId(); 
    }

}

这篇关于使用Google OAuth2 API对Google App用户进行身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！