diff options
-rw-r--r-- | build.gradle | 1 | ||||
-rw-r--r-- | src/main/java/com/juick/server/api/ApiSocialLogin.java | 30 |
2 files changed, 31 insertions, 0 deletions
diff --git a/build.gradle b/build.gradle index 8f70ee30..c4cce68e 100644 --- a/build.gradle +++ b/build.gradle @@ -165,6 +165,7 @@ dependencies { compile 'com.atlassian.commonmark:commonmark-ext-autolink:0.12.1' compile 'org.tomitribe:tomitribe-http-signatures:1.1' compile 'com.squareup.okhttp3:okhttp:3.12.0' + compile 'com.google.api-client:google-api-client:1.24.1' testCompile("org.springframework.boot:spring-boot-starter-test") testCompile('net.sourceforge.htmlunit:htmlunit:2.33') diff --git a/src/main/java/com/juick/server/api/ApiSocialLogin.java b/src/main/java/com/juick/server/api/ApiSocialLogin.java index 8d9f9402..4a8297cd 100644 --- a/src/main/java/com/juick/server/api/ApiSocialLogin.java +++ b/src/main/java/com/juick/server/api/ApiSocialLogin.java @@ -24,8 +24,16 @@ import com.github.scribejava.core.model.OAuth2AccessToken; import com.github.scribejava.core.model.OAuthRequest; import com.github.scribejava.core.model.Verb; import com.github.scribejava.core.oauth.OAuth20Service; +import com.google.api.client.auth.openidconnect.IdToken; +import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken; +import com.google.api.client.googleapis.auth.oauth2.GoogleIdTokenVerifier; +import com.google.api.client.http.HttpTransport; +import com.google.api.client.http.javanet.NetHttpTransport; +import com.google.api.client.json.JsonFactory; +import com.google.api.client.json.jackson2.JacksonFactory; import com.juick.model.facebook.User; import com.juick.server.util.HttpBadRequestException; +import com.juick.server.util.HttpForbiddenException; import com.juick.service.CrosspostService; import com.juick.service.EmailService; import com.juick.service.TelegramService; @@ -44,6 +52,8 @@ import org.springframework.web.util.UriComponentsBuilder; import javax.annotation.PostConstruct; import javax.inject.Inject; import java.io.IOException; +import java.security.GeneralSecurityException; +import java.util.Collections; import java.util.UUID; import java.util.concurrent.ExecutionException; @@ -77,6 +87,8 @@ public class ApiSocialLogin { private String VK_SECRET; @Value("${telegram_token:secret}") private String telegramToken; + @Value("${google_client_id:id") + private String googleClientId; @Inject private CrosspostService crosspostService; @@ -87,11 +99,18 @@ public class ApiSocialLogin { @Inject private TelegramService telegramService; + private final HttpTransport transport = new NetHttpTransport(); + private final JsonFactory jsonFactory = new JacksonFactory(); + private GoogleIdTokenVerifier verifier; + @PostConstruct public void init() { facebookBuilder = new ServiceBuilder(FACEBOOK_APPID); twitterBuilder = new ServiceBuilder(twitterConsumerKey); vkBuilder = new ServiceBuilder(VK_APPID); + verifier = new GoogleIdTokenVerifier.Builder(transport, jsonFactory) + .setAudience(Collections.singletonList(googleClientId)) + .build(); } @GetMapping("/api/_fblogin") @@ -268,6 +287,17 @@ public class ApiSocialLogin { return "redirect:/signup?type=vk&hash=" + loginhash; } } + @GetMapping("/api/_google") + public IdToken.Payload googleSignIn(@RequestParam(name = "idToken") String idTokenString) + throws GeneralSecurityException, IOException { + + GoogleIdToken idToken = verifier.verify(idTokenString); + if (idToken != null) { + return idToken.getPayload(); + } else { + throw new HttpForbiddenException(); + } + } /* @GetMapping("/_tglogin") public String doDurovLogin(HttpServletRequest request, |