aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--build.gradle1
-rw-r--r--src/main/java/com/juick/server/api/ApiSocialLogin.java30
2 files changed, 31 insertions, 0 deletions
diff --git a/build.gradle b/build.gradle
index 8f70ee30..c4cce68e 100644
--- a/build.gradle
+++ b/build.gradle
@@ -165,6 +165,7 @@ dependencies {
compile 'com.atlassian.commonmark:commonmark-ext-autolink:0.12.1'
compile 'org.tomitribe:tomitribe-http-signatures:1.1'
compile 'com.squareup.okhttp3:okhttp:3.12.0'
+ compile 'com.google.api-client:google-api-client:1.24.1'
testCompile("org.springframework.boot:spring-boot-starter-test")
testCompile('net.sourceforge.htmlunit:htmlunit:2.33')
diff --git a/src/main/java/com/juick/server/api/ApiSocialLogin.java b/src/main/java/com/juick/server/api/ApiSocialLogin.java
index 8d9f9402..4a8297cd 100644
--- a/src/main/java/com/juick/server/api/ApiSocialLogin.java
+++ b/src/main/java/com/juick/server/api/ApiSocialLogin.java
@@ -24,8 +24,16 @@ import com.github.scribejava.core.model.OAuth2AccessToken;
import com.github.scribejava.core.model.OAuthRequest;
import com.github.scribejava.core.model.Verb;
import com.github.scribejava.core.oauth.OAuth20Service;
+import com.google.api.client.auth.openidconnect.IdToken;
+import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken;
+import com.google.api.client.googleapis.auth.oauth2.GoogleIdTokenVerifier;
+import com.google.api.client.http.HttpTransport;
+import com.google.api.client.http.javanet.NetHttpTransport;
+import com.google.api.client.json.JsonFactory;
+import com.google.api.client.json.jackson2.JacksonFactory;
import com.juick.model.facebook.User;
import com.juick.server.util.HttpBadRequestException;
+import com.juick.server.util.HttpForbiddenException;
import com.juick.service.CrosspostService;
import com.juick.service.EmailService;
import com.juick.service.TelegramService;
@@ -44,6 +52,8 @@ import org.springframework.web.util.UriComponentsBuilder;
import javax.annotation.PostConstruct;
import javax.inject.Inject;
import java.io.IOException;
+import java.security.GeneralSecurityException;
+import java.util.Collections;
import java.util.UUID;
import java.util.concurrent.ExecutionException;
@@ -77,6 +87,8 @@ public class ApiSocialLogin {
private String VK_SECRET;
@Value("${telegram_token:secret}")
private String telegramToken;
+ @Value("${google_client_id:id")
+ private String googleClientId;
@Inject
private CrosspostService crosspostService;
@@ -87,11 +99,18 @@ public class ApiSocialLogin {
@Inject
private TelegramService telegramService;
+ private final HttpTransport transport = new NetHttpTransport();
+ private final JsonFactory jsonFactory = new JacksonFactory();
+ private GoogleIdTokenVerifier verifier;
+
@PostConstruct
public void init() {
facebookBuilder = new ServiceBuilder(FACEBOOK_APPID);
twitterBuilder = new ServiceBuilder(twitterConsumerKey);
vkBuilder = new ServiceBuilder(VK_APPID);
+ verifier = new GoogleIdTokenVerifier.Builder(transport, jsonFactory)
+ .setAudience(Collections.singletonList(googleClientId))
+ .build();
}
@GetMapping("/api/_fblogin")
@@ -268,6 +287,17 @@ public class ApiSocialLogin {
return "redirect:/signup?type=vk&hash=" + loginhash;
}
}
+ @GetMapping("/api/_google")
+ public IdToken.Payload googleSignIn(@RequestParam(name = "idToken") String idTokenString)
+ throws GeneralSecurityException, IOException {
+
+ GoogleIdToken idToken = verifier.verify(idTokenString);
+ if (idToken != null) {
+ return idToken.getPayload();
+ } else {
+ throw new HttpForbiddenException();
+ }
+ }
/*
@GetMapping("/_tglogin")
public String doDurovLogin(HttpServletRequest request,