Richard Tailor
Reputation: 13
Authentication issue Oauth2 in java
I have a problem with my application. My goal is edit google spreadsheets from Java. But I have problem with authentication. I can authorize myself if I copy the auth code from browser, but is not a possible solution in my case. So first I'd like to write a siple program to authenticate myself, for example:
package com.googleoauth;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.HttpClient;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpRequestBase;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.util.EntityUtils;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.servlet.ServletContextHandler;
import org.eclipse.jetty.servlet.ServletHolder;
import org.json.simple.JSONObject;
import org.json.simple.parser.JSONParser;
import org.json.simple.parser.ParseException;
import com.google.common.collect.ImmutableMap;
public class GoogleOauthServer {
private Server server = new Server(8089);
private final String clientId = "141523981682-ee0an7hj3f82rphdud7940v9juniqkch.apps.googleusercontent.com";
private final String clientSecret = "_cCjAG9mlS9KufGzFan4Arni";
private final String callbackUri = "http://localhost:8089/callback";
public static void main(String[] args) throws Exception {
new GoogleOauthServer().startJetty();
}
public void startJetty() throws Exception {
ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS);
context.setContextPath("/");
server.setHandler(context);
// map servlets to endpoints
context.addServlet(new ServletHolder(new SigninServlet()),"/signin");
context.addServlet(new ServletHolder(new CallbackServlet()),"/callback");
server.start();
server.join();
}
class SigninServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException,IOException {
// redirect to google for authorization
StringBuilder oauthUrl = new StringBuilder().append("https://accounts.google.com/o/oauth2/auth")
.append("?client_id=").append(clientId) // the client id from the api console registration
.append("&response_type=code")
.append("&scope=openid%20email") // scope is the api permissions we are requesting
.append("&redirect_uri=").append(callbackUri) // the servlet that google redirects to after authorization
.append("&state=this_can_be_anything_to_help_correlate_the_response%3Dlike_session_id")
.append("&access_type=offline") // here we are asking to access to user's data while they are not signed in
.append("&approval_prompt=force"); // this requires them to verify which account to use, if they are already signed in
resp.sendRedirect(oauthUrl.toString());
}
}
class CallbackServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException,IOException {
// google redirects with
//http://localhost:8089/callback?state=this_can_be_anything_to_help_correlate_the_response%3Dlike_session_id&code=4/ygE-kCdJ_pgwb1mKZq3uaTEWLUBd.slJWq1jM9mcUEnp6UAPFm0F2NQjrgwI&authuser=0&prompt=consent&session_state=a3d1eb134189705e9acf2f573325e6f30dd30ee4..d62c
// if the user denied access, we get back an error, ex
// error=access_denied&state=session%3Dpotatoes
if (req.getParameter("error") != null) {
resp.getWriter().println(req.getParameter("error"));
return;
}
// google returns a code that can be exchanged for a access token
String code = req.getParameter("code");
// get the access token by post to Google
String body = post("https://accounts.google.com/o/oauth2/token", ImmutableMap.<String,String>builder()
.put("code", code)
.put("client_id", clientId)
.put("client_secret", clientSecret)
.put("redirect_uri", callbackUri)
.put("grant_type", "authorization_code").build());
JSONObject jsonObject = null;
// get the access token from json and request info from Google
try {
jsonObject = (JSONObject) new JSONParser().parse(body);
} catch (ParseException e) {
throw new RuntimeException("Unable to parse json " + body);
}
// google tokens expire after an hour, but since we requested offline access we can get a new token without user involvement via the refresh token
String accessToken = (String) jsonObject.get("access_token");
// you may want to store the access token in session
req.getSession().setAttribute("access_token", accessToken);
// get some info about the user with the access token
String json = get(new StringBuilder("https://www.googleapis.com/oauth2/v1/userinfo?access_token=").append(accessToken).toString());
// now we could store the email address in session
// return the json of the user's basic info
resp.getWriter().println(json);
}
}
// makes a GET request to url and returns body as a string
public String get(String url) throws ClientProtocolException, IOException {
return execute(new HttpGet(url));
}
// makes a POST request to url with form parameters and returns body as a string
public String post(String url, Map<String,String> formParameters) throws ClientProtocolException, IOException {
HttpPost request = new HttpPost(url);
List <NameValuePair> nvps = new ArrayList <NameValuePair>();
for (String key : formParameters.keySet()) {
nvps.add(new BasicNameValuePair(key, formParameters.get(key)));
}
request.setEntity(new UrlEncodedFormEntity(nvps));
return execute(request);
}
// makes request and checks response code for 200
private String execute(HttpRequestBase request) throws ClientProtocolException, IOException {
HttpClient httpClient = new DefaultHttpClient();
HttpResponse response = httpClient.execute(request);
HttpEntity entity = response.getEntity();
String body = EntityUtils.toString(entity);
if (response.getStatusLine().getStatusCode() != 200) {
throw new RuntimeException("Expected 200 but got " + response.getStatusLine().getStatusCode() + ", with body " + body);
}
return body;
}
}
When I tried this example I got an error: 401. That’s an error. Error: invalid_client The OAuth client was deleted.
I can't find any useful about this error.
If somebody can send an example, where I can authorize myself without any copy or other external intervention that would be very kind.
Thanks, Richard
Upvotes: 1
Views: 894
Answers (1)
KYL
Reputation: 56
I just got your example and started the application. Browsed to localhost:8089/signin then logged in with google, approved some permissions and finally I got the json response with my userinfo. Then restarted the application. The scenario still works. :)
The problem you encountered "could be" caused by some wrong dependencies you use in your code. My deps were following:
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-server</artifactId>
<version>9.3.0.M1</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-servlet</artifactId>
<version>9.3.0.M1</version>
</dependency>
<dependency>
<groupId>org.apache.clerezza.ext</groupId>
<artifactId>org.json.simple</artifactId>
<version>0.4</version>
</dependency>
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava-collections</artifactId>
<version>r03</version>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpcore</artifactId>
<version>4.2.5</version>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>4.2.5</version>
</dependency>
Upvotes: 1
Related Questions
- How to use google-oauth-java-client?
- Google oauth java client to get an access token fails with "400 Bad Request { "error" : "invalid_request" }"
- How to authenticate with login and password using OAuth2?
- Google OAuth api
- Authenticate programmatically to Google with OAuth2
- Authenticating a user using Google
- sign in with google api java
- Google OAuth2 PlayGround returns "Unauthorized Client"
- Error 401 requesting access token from Google with Oauth2
- google oauth2 on android