Fatal编程技术网
  • java/
  • Java GoogleIdTokenVerifier不返回名称、图片等

Java GoogleIdTokenVerifier不返回名称、图片等

java google-app-engine

Java GoogleIdTokenVerifier不返回名称、图片等,java,google-app-engine,google-oauth,google-api-java-client,Java,Google App Engine,Google Oauth,Google Api Java Client,我们正在使用goole客户端api库从后端验证google帐户。此实现使用应用程序引擎和数据存储在Google云平台(GCP)上运行 到目前为止,我们看到的是GoogleIdTokenVerifier可以工作,但只返回电子邮件和uid以及令牌签名 使用的令牌和uid在针对servlet运行时会返回所有概要文件信息,但不会通过我们的应用程序引擎端点返回 以下是使用的代码: import com.google.api.client.googleapis.auth.oauth2.GoogleCrede

我们正在使用goole客户端api库从后端验证google帐户。此实现使用应用程序引擎和数据存储在Google云平台(GCP)上运行

到目前为止,我们看到的是GoogleIdTokenVerifier可以工作,但只返回电子邮件和uid以及令牌签名

使用的令牌和uid在针对servlet运行时会返回所有概要文件信息,但不会通过我们的应用程序引擎端点返回

以下是使用的代码:

import com.google.api.client.googleapis.auth.oauth2.GoogleCredential;
import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken;
import com.google.api.client.googleapis.auth.oauth2.GoogleIdTokenVerifier;
import com.google.api.client.extensions.appengine.http.UrlFetchTransport;
import com.google.api.client.json.JsonFactory;
import com.google.api.client.json.jackson2.JacksonFactory;

import java.io.PrintWriter;
import java.io.StringWriter;
import java.util.Collections;
import java.util.logging.Logger;

public class GoogleVerifier implements TokenVerifier {



final Logger logger = Logger.getLogger(GoogleVerifier.class.getName());

    private static GoogleVerifier instance = null;

    private String privAppId;
    private UrlFetchTransport httpTransport;    //library required to run on GCP
    private JsonFactory jsonFactory;

    private GoogleVerifier() {
    }


    private static GoogleVerifier getInstance() {
        if (instance == null) {
            instance = new GoogleVerifier();
        }

        return instance;
    }


    public static void setAppId(String appId) {
        getInstance().setPrivAppId(appId);
        getInstance().setHttpTransport(new UrlFetchTransport());
        getInstance().setJsonFactory(new JacksonFactory());
    }

    public static String[] verify(String token, String uid) {
        return getInstance().verifyPrivate(token, uid);
    }

    public String[] verifyPrivate(String token, String uid) {
        @SuppressWarnings("unused")
        GoogleCredential credential = new GoogleCredential().setAccessToken(token);

        GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier.Builder(httpTransport, jsonFactory)
                .setAudience(Collections.singletonList(privAppId))
                .build();

        String[] payloadInfo = new String[5];

        try {
            GoogleIdToken idToken = verifier.verify(token);

            if (idToken != null) {
                GoogleIdToken.Payload payload = idToken.getPayload();

                if (payload.getSubject().equals(uid)) {
                    logger.info("Matching google id: " + uid);

                    payloadInfo[0] = payload.getSubject();
                    payloadInfo[1] = payload.get("given_name").toString();
                    payloadInfo[2] = payload.get("family_name").toString();
                    payloadInfo[3] = payload.get("picture").toString();
                    payloadInfo[4] = payload.getEmail();

                    return payloadInfo;
                } else {
                    logger.info("Mismatching google id: " + uid);
                    return payloadInfo;
                }
            }
        }
        catch (Exception e) {
            e.printStackTrace();
            StringWriter sw = new StringWriter();
            PrintWriter pw = new PrintWriter(sw);
            e.printStackTrace(pw);
            logger.warning(sw.toString());

            return payloadInfo;
        }

        return payloadInfo;
    }

    private void setPrivAppId(String appId) {
        this.privAppId = appId;
    }

    private void setHttpTransport(UrlFetchTransport httpTransport) {
        this.httpTransport = httpTransport;
    }

    private void setJsonFactory(JsonFactory jsonFactory) {
        this.jsonFactory = jsonFactory;
    }
}
以下是我们的应用程序引擎端点:

@ApiMethod(name = "loginSocial", path = "loginSocial", httpMethod = HttpMethod.PUT)
public Response loginSocial(@Named("token") String token,
                            @Named("uid") String uid,
                            @Named("socialWebSite") SOCIALWEBSITE socialWebSite,
                            HttpServletRequest request) throws DatabaseException, IOException {

    Response response = new Response();

    //make sure parameters and not null or empty
    if (token != null && uid != null && socialWebSite != null &&
        !token.trim().isEmpty() && !uid.trim().isEmpty()){

        String [] userInfo = new String[5];

        //validate token and retrieve info first
        if (socialWebSite.equals(SOCIALWEBSITE.GOOGLE)){
            GoogleVerifier.setAppId(APP_ID);
            userInfo = GoogleVerifier.verify(token, uid);           
        }else if(socialWebSite.equals(APP_ID);
            userInfo = FacebookVerifier.verify(token, uid);             
        }
    }
}
谢谢

我最终使用了另一个库,它更简单,提供了相同的信息

用户身份验证需要哪些范围?简短回答:电子邮件和配置文件。长回答:用户当前连接到通过servlet的网页。这个servlet能够检索很少的东西:电子邮件、配置文件、uid、令牌等等。。。当尝试使用相同的应用ID、uid和令牌通过应用引擎检索相同的信息时,这些方法不会返回配置文件信息。我颠倒了方向-抱歉。在EP中,您应该在进行身份验证时添加概要文件范围。