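/**
 * Handles the OAuth 2.0 redirect back from Google.
 *
 * <p>If the callback carries an {@code error} parameter it is echoed to the client as plain
 * text. Otherwise the {@code code} parameter is exchanged for an access token at Google's token
 * endpoint, the token is used to fetch the user's profile JSON, the profile is stored in the
 * session via {@link #updateUserLogin}, and the client is redirected to the landing page.
 *
 * @param req  the callback request; reads the {@code error} and {@code code} parameters and the
 *             {@code redir} session attribute (consumed here)
 * @param resp the response used for the error echo or the redirect
 * @throws IOException if writing the response or either outbound HTTPS call fails
 */
private void handleAuthorization(HttpServletRequest req, HttpServletResponse resp) throws IOException {
    String error = req.getParameter("error");
    if (error != null) {
        // "error" is a request parameter and therefore attacker-controllable. Serve it as
        // plain text and forbid content sniffing so it is never rendered as markup.
        resp.setContentType("text/plain");
        resp.setHeader("X-Content-Type-Options", "nosniff");
        PrintWriter writer = resp.getWriter();
        writer.append(error);
        return;
    }

    // NOTE(review): no OAuth "state" value is compared against the session in this method.
    // Confirm the caller validates it; without that check the callback is open to login CSRF.
    String code = req.getParameter("code");
    String redir = (String) req.getSession().getAttribute("redir");
    // The stored redirect URI is single-use: clear it before any early return.
    req.getSession().setAttribute("redir", null);
    if (code == null || redir == null) {
        resp.sendRedirect("/");
        return;
    }

    // Form body for the token exchange. It carries the client secret, so it must never be
    // logged or echoed back to the client.
    StringBuilder postParameters = new StringBuilder();
    postParameters.append(para("code", code)).append("&");
    postParameters.append(para("client_id", Configuration.googleClientId())).append("&");
    postParameters.append(para("client_secret", Configuration.googleClientSecret())).append("&");
    postParameters.append(para("redirect_uri", redir)).append("&");
    postParameters.append(para("grant_type", "authorization_code"));
    // Encode once so the declared length and the bytes on the wire always agree, even if a
    // parameter ever contains a non-ASCII character.
    byte[] body = postParameters.toString().getBytes(java.nio.charset.StandardCharsets.UTF_8);

    // NOTE(review): neither outbound connection sets a connect or read timeout, so a stalled
    // endpoint holds the request thread indefinitely. Consider adding both.
    HttpURLConnection tokenConn =
            (HttpURLConnection) new URL("https://accounts.google.com/o/oauth2/token").openConnection();
    tokenConn.setRequestMethod("POST");
    tokenConn.setDoInput(true);
    tokenConn.setDoOutput(true);
    tokenConn.setUseCaches(false);
    tokenConn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
    tokenConn.setRequestProperty("Content-Length", String.valueOf(body.length));

    // try-with-resources closes the request stream even when the write fails.
    try (DataOutputStream outStream = new DataOutputStream(tokenConn.getOutputStream())) {
        outStream.write(body);
        outStream.flush();
    }

    // The response stream was previously never closed; close it deterministically.
    String googleJson;
    try (InputStream tokenStream = tokenConn.getInputStream()) {
        googleJson = toString(tokenStream);
    }
    JsonObject jsonObject = (JsonObject) JsonParser.parse(googleJson);
    String accessToken = jsonObject.requiredString("access_token");

    // Fetch the user's profile with the access token.
    // NOTE(review): the token is sent in the URL query string, where it can be captured by
    // intermediaries and request logs. An "Authorization: Bearer" request header is the usual
    // alternative; left unchanged here to preserve the existing request shape.
    String getStr = "https://www.googleapis.com/oauth2/v1/userinfo?"
            + para("access_token", accessToken);
    URLConnection inconn = new URL(getStr).openConnection();
    String gsstr;
    try (InputStream is = inconn.getInputStream()) {
        gsstr = toString(is);
    }

    updateUserLogin(req, gsstr);
    redirToLandingPage(req, resp);
}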
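/**
 * Records a successful Google login in the HTTP session.
 *
 * <p>Parses the userinfo JSON, reads its {@code id}, adds an {@code admin} flag that is true
 * when the id appears in {@code Configuration.adminGoogleIds()}, and stores the resulting
 * object under the {@code user} session attribute.
 *
 * @param req   the current request; its session receives the {@code user} attribute
 * @param gsstr the userinfo response body as a JSON string
 * @throws IOException declared by the original signature; presumably raised by JSON parsing
 */
private void updateUserLogin(HttpServletRequest req, String gsstr) throws IOException {
    JsonObject objnode = (JsonObject) JsonParser.parse(gsstr);
    String googleId = objnode.requiredString("id");
    boolean isAdmin = Configuration.adminGoogleIds().contains(googleId);
    // The admin flag is derived server-side and overwrites any "admin" key in the response.
    objnode.put("admin", isAdmin);

    // Log only the account id and the derived role. The full userinfo object holds whatever
    // profile fields Google returned and should not be written to stdout.
    System.out.println("Setting user logged in id=" + googleId + " admin=" + isAdmin);

    // NOTE(review): the session id is not rotated at this privilege change. Consider
    // HttpServletRequest.changeSessionId() (Servlet 3.1+) to prevent session fixation.
    req.getSession().setAttribute("user", objnode);
}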