public abstract class AbstractAppEngineAuthorizationCodeCallbackServlet extends AbstractAuthorizationCodeCallbackServlet
AbstractAuthorizationCodeCallbackServlet
that uses the currently
logged-in Google Account user, as directed in
Security and Authentication.
Note that if there is no currently logged-in user, getUserId(HttpServletRequest)
will
throw a NullPointerException
. Example to require login for all pages:
<security-constraint> <web-resource-collection> <web-resource-name>any</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>*</role-name> </auth-constraint> </security-constraint>
Sample usage:
public class ServletCallbackSample extends AbstractAppEngineAuthorizationCodeCallbackServlet { @Override protected void onSuccess(HttpServletRequest req, HttpServletResponse resp, Credential credential) throws ServletException, IOException { resp.sendRedirect("/"); } @Override protected void onError( HttpServletRequest req, HttpServletResponse resp, AuthorizationCodeResponseUrl errorResponse) throws ServletException, IOException { // handle error } @Override protected String getRedirectUri(HttpServletRequest req) throws ServletException, IOException { GenericUrl url = new GenericUrl(req.getRequestURL().toString()); url.setRawPath("/oauth2callback"); return url.build(); } @Override protected AuthorizationCodeFlow initializeFlow() throws IOException { return new AuthorizationCodeFlow.Builder(BearerToken.authorizationHeaderAccessMethod(), new UrlFetchTransport(), new JacksonFactory(), new GenericUrl("https://server.example.com/token"), new BasicAuthentication("s6BhdRkqt3", "7Fjfp0ZBr1KtDRbnfVdmIw"), "s6BhdRkqt3", "https://server.example.com/authorize").setCredentialStore(new AppEngineCredentialStore()) .build(); }
Constructor and Description |
---|
AbstractAppEngineAuthorizationCodeCallbackServlet() |
Modifier and Type | Method and Description |
---|---|
protected String |
getUserId(javax.servlet.http.HttpServletRequest req)
Returns the user ID for the given HTTP servlet request.
|
doGet, getRedirectUri, initializeFlow, onError, onSuccess
doDelete, doHead, doOptions, doPost, doPut, doTrace, getLastModified, service, service
public AbstractAppEngineAuthorizationCodeCallbackServlet()
protected String getUserId(javax.servlet.http.HttpServletRequest req) throws javax.servlet.ServletException, IOException
AbstractAuthorizationCodeCallbackServlet
getUserId
in class AbstractAuthorizationCodeCallbackServlet
javax.servlet.ServletException
IOException
Copyright © 2011–2020 Google. All rights reserved.