Adding Google Sign-In to existing OAuth2

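Time: 2019-02-25 16:05:49

Tags: spring oauth-2.0 google-signin

We have an existing Spring backend with OAuth2 implemented. When a user logs in from our front end, we issue an access token and a refresh token for them to use. Now we are adding Google Sign-In. I added the following classes (irrelevant code removed):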

Token class

public class GoogleIdAuthToken extends AbstractAuthenticationToken {
    // Some members
    public GoogleIdAuthToken(String token, Object details) {
        super(new ArrayList<>());
        // Init members with token and details
    }
    // Another ctor here
...
}

Filter class

public class GoogleIdAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
    // Some members   
    public GoogleIdAuthenticationFilter(AuthenticationManager authenticationManager, String defaultFilterProcessesUrl) {
        super(defaultFilterProcessesUrl);
        setAuthenticationManager(authenticationManager);
    }

    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException, IOException, ServletException {
        // Get token and details from request and create an authRequest
        GoogleIdAuthToken authRequest = new GoogleIdAuthToken(token, details);
        Authentication authResult = getAuthenticationManager().authenticate(authRequest);
        return authResult;
    }
...
}

Provider class

@Component
public class GoogleIdAuthenticationProvider implements AuthenticationProvider {
    private String clientId = "xxxxx";

    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        GoogleIdAuthToken authRequest = (GoogleIdAuthToken) authentication;
        GoogleIdToken googleIdToken;
        try {
            httpTransport = GoogleNetHttpTransport.newTrustedTransport();
            GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier.Builder(httpTransport, jsonFactory)
                    .setAudience(Collections.singletonList(getClientId()))
                    .build();
            googleIdToken = verifier.verify((String) authRequest.getCredentials());
        } catch (GeneralSecurityException | IOException e) {
            // newTrustedTransport() and verify() throw checked exceptions
            throw new AuthenticationServiceException("Google ID token verification failed", e);
        }
        // verify() returns null when the token fails validation, so reject it here
        if (googleIdToken == null) {
            throw new BadCredentialsException("Invalid Google ID token");
        }

        Payload payload = googleIdToken.getPayload();
        // Get profile information from payload and use it to get user from DB
        UserDetails ud = userDetailsService.loadUserByUsername(info_from_payload);

        return new GoogleIdAuthToken(
                (String) authRequest.getCredentials(),
                ud,
                ud.getAuthorities(),
                authentication.getDetails());
    }
...
}

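It works fine, i.e. when a user signs in with Google, GoogleIdAuthenticationProvider.authenticate() is called, the user is fetched from the DB, and a GoogleIdAuthToken is returned. But I also have to generate an access/refresh token and return it to the user who just signed in with Google, just as if they had logged in from our front end.

How do I do that? How do I ask the existing OAuth2 to generate and return them?

Thanks

0 answers:

No answers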
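Added example, not part of the original question: one way to have the existing authorization server mint tokens after GoogleIdAuthenticationProvider has accepted the ID token. It assumes the backend uses the legacy Spring Security OAuth (spring-security-oauth2) authorization server; the class name, `frontendClientId` and `scopes` are hypothetical.

```java
import java.io.IOException;
import java.util.Collections;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.OAuth2Request;
import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;

// Added example (hypothetical class): runs only after the filter's
// AuthenticationManager has returned an authenticated GoogleIdAuthToken.
public class GoogleIdTokenIssuingSuccessHandler implements AuthenticationSuccessHandler {
    private final AuthorizationServerTokenServices tokenServices;
    private final String frontendClientId; // assumption: OAuth2 client id of your own front end
    private final Set<String> scopes;      // assumption: scopes registered for that client
    private final ObjectMapper mapper = new ObjectMapper();

    public GoogleIdTokenIssuingSuccessHandler(AuthorizationServerTokenServices tokenServices,
                                              String frontendClientId, Set<String> scopes) {
        this.tokenServices = tokenServices;
        this.frontendClientId = frontendClientId;
        this.scopes = scopes;
    }

    @Override
    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
                                        Authentication authentication) throws IOException {
        // Client side of the grant: fixed server-side values, never taken from the
        // request, so a caller cannot choose its own client id or scopes.
        OAuth2Request clientRequest = new OAuth2Request(
                Collections.<String, String>emptyMap(), frontendClientId,
                Collections.<GrantedAuthority>emptySet(), true, scopes,
                null, null, null, null);
        // User side: the principal and authorities loaded by the provider from the DB.
        OAuth2Authentication oauth2 = new OAuth2Authentication(clientRequest, authentication);
        // Same token services as the password flow, so tokens land in the same TokenStore.
        OAuth2AccessToken token = tokenServices.createAccessToken(oauth2);

        // Token responses must not be cached by browsers or proxies.
        response.setContentType("application/json;charset=UTF-8");
        response.setHeader("Cache-Control", "no-store");
        response.setHeader("Pragma", "no-cache");
        mapper.writeValue(response.getWriter(), token);
    }
}
```

Register it on the filter with `setAuthenticationSuccessHandler(...)`, which replaces the default redirect-based handler. With `DefaultTokenServices`, the response carries a refresh token only when refresh-token support is enabled for that client.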