Package spanishgringo.controller

Source Code of spanishgringo.controller.AuthorizationServlet

// Copyright 2009 Google Inc. All Rights Reserved.

package spanishgringo.controller;


import java.io.IOException;

import javax.servlet.RequestDispatcher;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import spanishgringo.data.GoogleData;
import spanishgringo.logic.AuthManager;
import spanishgringo.logic.AuthManagerFactory;

/**
* Controller for handing authentication requests. When a user initiates getting a new token,
* they are sent to this servlet and then redirected to Google to authorize this application to
* access their Google Data. Once a user has authorized, they are redirected back to this servlet
* to finish the authorization process. This servlet also handles revoking authorization tokens.
*
* @author api.nickm@google.com (Nick Mihailovski)
*/
@SuppressWarnings("serial")
public class AuthorizationServlet extends HttpServlet {

  /** Base URL of the Authorization Servlet */
  public static final String AUTH_HANDLER = "/tokenHandler";
  /** URL to revoke a token */
  public static final String REVOKE_TOKEN_HANDLER = "/tokenHandler?action=revoke";
  /** URL to authorize the user */
  public static final String AUTHORIZATION_HANDLER = "/tokenHandler?action=authorize";

  /**
   * Handles GET requests to this servlet. If there is a query parameter with the name "action"
   * and the value "authorize" the user will be redirected to Google to authorize this application
   * to access their Google Data. Once a user has authorized, they are redirected from Google back
   * to this servlet with a query parameter whose value is a one time use token. This servlet then
   * continues the authorization process and exchanges the one time use token for a long lived
   * token. If there is a query parameter with the name "action" and value "revoke" the uer's token
   * will be revoked.
   * @param request the the request object for this servlet.
   * @param response the response object for this servlet.
   * @throws IOException if a network error occurs.
   */
  public void doGet(HttpServletRequest request, HttpServletResponse response)
      throws IOException, ServletException {

    // This example supports both non-signed AuthSub and signed oAuth authorization methods. To
    // switch between both authroization methods simply replace retrieving a AuthManager
    // instance with the getOauthManager method for the getAuthSubManager method. This can be
    // done by uncommenting the code below. There is a similar change that must occur in the
    // MainServlet class.

    AuthManager authManager = AuthManagerFactory.getAuthSubManager();
    //AuthManager authManager = AuthManagerFactory.getOauthManager();
    String nextUrl = "";

    if (request.getParameter(authManager.getTokenParam()) != null) {
      // The user is being redirected back from google.com to exchange the AuthSub one time
      // use token for a session token.
      authManager.storeAuthorizedToken(request.getQueryString());
      nextUrl = MainServlet.MAIN_URL;

    } else if (request.getParameter("action") != null) {

      if (request.getParameter("action").equals("revoke")) {
        // The user is revoking their token.
        authManager.revokeToken();
        nextUrl = MainServlet.MAIN_URL;

      } else if (request.getParameter("action").equals("authorize")) {
        // The user is starting the AuthSub authorization process.
        nextUrl = authManager.getAuthorizationRedirectUrl(request.getRequestURL());
      }
    }

    GoogleData googleData = authManager.getGoogleData();

    if (googleData.getAuthorizationErrorMessage() != null) {
      // Forward users to the authorization page.
      request.setAttribute("googleData", googleData);
      ServletContext sc = getServletContext();
      RequestDispatcher dispatcher = sc.getRequestDispatcher(MainServlet.AUTHORIZATION_VIEW_URL);
      dispatcher.forward(request, response);
    } else {
      // Redirect users to the next page.
      response.sendRedirect(nextUrl);
    }
  }
}

TOP

Related Classes of spanishgringo.controller.AuthorizationServlet

TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.