所以iam开发的项目基本上是一个带有Google SignIn选项的投票平台。通过签名的Google ID验证用户。
这是索引页面(欢迎页面)的javascript文件
class CreateDisbursements < ActiveRecord::Migration[5.1]
def change
create_table :disbursements do |t|
t.decimal :amount
t.integer :payable_id
t.string :payable_type
t.integer :receivable_id
t.string :receivable_type
t.timestamps
end
add_index :disbursements, [:payable_type, :payable_id]
add_index :disbursements, [:receivable_id, :receivable_type]
end
end
class Disbursement < ApplicationRecord
belongs_to :payable, polymorphic: true
belongs_to :receivable, polymorphic: true
end
class ShoppingList < ApplicationRecord
has_many :disbursements, as: :payable
has_many :users, through: :disbursements, source: :receivable, source_type: 'User'
end
class Payment < ApplicationRecord
has_many :disbursements, as: :payable
has_many :users, through: :disbursements, source: :receivable, source_type: 'User'
end
class User < ApplicationRecord
has_many :disbursements, as: :receivable
has_many :payments, through: :disbursements, source: :payable, source_type: 'Payment'
has_many :shopping_lists, through: :disbursements, source: :payable, source_type: 'ShoppingList'
end
user = User.find params[:user_id]
payment = Payment.find params[:payment_id]
amount = params[:amount]
payment.disbursements.create(amount: amount, receivable: user)
user.disbursements.create(amount: amount, payable: payment)
Disbursement.create(amount: amount, payable: payment, receivable: user)
user.payments
payment.users
使用此脚本加载索引页面后,我希望在服务器端servlet上重新启动id_token。 servlet和xml配置如下:
function onSuccess(googleUser) {
var profile = googleUser.getBasicProfile();
gapi.client.load('plus', 'v1', function () {
var request = gapi.client.plus.people.get({
'userId': 'me'
});
});
var id_token = googleUser.getAuthResponse().id_token;
var xhr = new XMLHttpRequest();
xhr.open('POST', 'https://index.jsp/tokensignin');
xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
xhr.onload = function() {
console.log('Signed in as: ' + xhr.responseText);
};
xhr.send('idtoken=' + id_token);
redirect();
}
function redirect(){
window.location="submit.jsp";
}
function onFailure(error) {
alert('signIn failed');
}
function renderButton() {
gapi.signin2.render('gSignIn', {
'scope': 'profile email',
'width': 150,
'height': 30,
'longtitle': true,
'theme': 'dark',
'onsuccess': onSuccess,
'onfailure': onFailure
});
}
function signOut() {
var auth2 = gapi.auth2.getAuthInstance();
auth2.signOut().then(function () {
console.log('User signed out.');
});
}
的servlet:
<?xml version="1.0" encoding="UTF-8"?>
<web-app >
<display-name>vooting_proj</display-name>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<servlet>
<servlet-name>subvote</servlet-name>
<servlet-class>vooting_proj.VoteSer</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>subvote</servlet-name>
<url-pattern>/index.jsp</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>subvote</servlet-name>
<url-pattern>/submit.jsp</url-pattern>
</servlet-mapping>
</web-app>
所以当我运行上面的代码时,在这些类中获取空指针异常:
public class VoteSer extends HttpServlet {
private static final JsonFactory JSON_FACTORY = new JacksonFactory();
private static final String CLIENT_ID ="1067440508780-4sohls7be8loq4fc61g54pp4211j63h8.apps.googleusercontent.com";
protected void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier.Builder(new NetHttpTransport(), JSON_FACTORY)
.setAudience(Collections.singletonList(CLIENT_ID))
// Or, if multiple clients access the backend:
//.setAudience(Arrays.asList(CLIENT_ID_1, CLIENT_ID_2, CLIENT_ID_3))
.build();
String idTokenString= request.getParameter("idtoken");
GoogleIdToken idToken= null;
try {
idToken = verifier.verify(idTokenString);
} catch (GeneralSecurityException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
if (idToken != null) {
Payload payload = idToken.getPayload();
// Print user identifier
String userId = payload.getSubject();
System.out.println("User ID: " + userId);
// Get profile information from payload
String email = payload.getEmail();
System.out.println(email);
boolean emailVerified = Boolean.valueOf(payload.getEmailVerified());
String name = (String) payload.get("name");
System.out.println(name);
String pictureUrl = (String) payload.get("picture");
String locale = (String) payload.get("locale");
String familyName = (String) payload.get("family_name");
String givenName = (String) payload.get("given_name");
// Use or store profile information
// ...
} else {
System.out.println("Invalid ID token.");
}
String sub=request.getParameter("vote_sub");
System.out.println(sub);
}
}
elcips要求我将此部分包含在try-catch块中:
com.google.api.client.googleapis.auth.oauth2.GoogleIdToken;
com.google.api.client.googleapis.auth.oauth2.GoogleIdToken.Payload;
com.google.api.client.googleapis.auth.oauth2.GoogleIdTokenVerifier;
当iam没有处理它时,它在运行时给我异常
GoogleIdToken idToken= null;
try {
idToken = verifier.verify(idTokenString);
} catch (GeneralSecurityException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
请帮助解决这个问题,因为这是我第一个急切希望完成的项目。