11

nel codice colpo, che cosa è transport e jsonFactory? (Non capisco)Android: che cosa è il trasporto e jsonFactory in GoogleIdTokenVerifier.Builder?

https://developers.google.com/identity/sign-in/android/backend-auth#using-a-google-api-client-library

import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken; 
import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken.Payload; 
import com.google.api.client.googleapis.auth.oauth2.GoogleIdTokenVerifier; 

... 

GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier.Builder(transport /**Here**/, jsonFactory /**Here**/) 
.setAudience(Arrays.asList(CLIENT_ID)) 
// If you retrieved the token on Android using the Play Services 8.3 API or newer, set 
// the issuer to "https://accounts.google.com". Otherwise, set the issuer to 
// "accounts.google.com". If you need to verify tokens from multiple sources, build 
// a GoogleIdTokenVerifier for each issuer and try them both. 
.setIssuer("https://accounts.google.com") 
.build(); 

// (Receive idTokenString by HTTPS POST) 

GoogleIdToken idToken = verifier.verify(idTokenString); 
if (idToken != null) { 
    Payload payload = idToken.getPayload(); 

    // Print user identifier 
    String userId = payload.getSubject(); 
    System.out.println("User ID: " + userId); 

    // Get profile information from payload 
    String email = payload.getEmail(); 
    boolean emailVerified = Boolean.valueOf(payload.getEmailVerified()); 
    String name = (String) payload.get("name"); 
    String pictureUrl = (String) payload.get("picture"); 
    String locale = (String) payload.get("locale"); 
    String familyName = (String) payload.get("family_name"); 
    String givenName = (String) payload.get("given_name"); 

    // Use or store profile information 
    // ... 

} else { 
    System.out.println("Invalid ID token."); 
} 

risposta

9

Il GoogleIdTokenVerifier.Builder restituisce un GoogleIdTokenVerifier che farà una richiesta al tokeninfo endpoint con la transport si dà e utilizzare il JSONFactory per creare un parser per analizzare la risposta.

Ecco un esempio di un autenticatore per un progetto endpoint cloud che utilizza il GoogleIdTokenVerifier.Builder

public class GoogleAuthenticator implements Authenticator { 

    private static final Logger log = Logger.getLogger(GoogleAuthenticator.class.getName()); 
    private static final JacksonFactory jacksonFactory = new JacksonFactory(); 

    // From: https://developers.google.com/identity/sign-in/android/backend-auth#using-a-google-api-client-library 
    // If you retrieved the token on Android using the Play Services 8.3 API or newer, set 
    // the issuer to "https://accounts.google.com". Otherwise, set the issuer to 
    // "accounts.google.com". If you need to verify tokens from multiple sources, build 
    // a GoogleIdTokenVerifier for each issuer and try them both. 

    GoogleIdTokenVerifier verifierForNewAndroidClients = new GoogleIdTokenVerifier.Builder(UrlFetchTransport.getDefaultInstance(), jacksonFactory) 
      .setAudience(Arrays.asList(CRLConstants.IOS_CLIENT_ID, CRLConstants.ANDROID_CLIENT_ID_RELEASE, CRLConstants.ANDROID_CLIENT_ID_DEBUG)) 
      .setIssuer("https://accounts.google.com") 
      .build(); 

    GoogleIdTokenVerifier verifierForOtherClients = new GoogleIdTokenVerifier.Builder(UrlFetchTransport.getDefaultInstance(), jacksonFactory) 
      .setAudience(Arrays.asList(CRLConstants.IOS_CLIENT_ID, CRLConstants.ANDROID_CLIENT_ID_RELEASE, CRLConstants.ANDROID_CLIENT_ID_DEBUG)) 
      .setIssuer("accounts.google.com") 
      .build(); 

    // Custom Authenticator class for authenticating google accounts 
    @Override 
    public User authenticate(HttpServletRequest request) { 

     String token = request.getHeader("google_id_token"); 
     if (token != null) { 

      GoogleIdToken idToken = null; 
      try { 
       idToken = verifierForNewAndroidClients.verify(token); 
       if(idToken == null) idToken = verifierForOtherClients.verify(token); 

       if (idToken != null) { 

        GoogleIdToken.Payload payload = idToken.getPayload(); 

        // Get profile information from payload 
        String userId = payload.getSubject(); 
        String email = payload.getEmail(); 

        return new GoogleUser(userId, email); 

       } else { 
        log.warning("Invalid Google ID token."); 
       } 

      } catch (GeneralSecurityException e) { 
       log.warning(e.getLocalizedMessage()); 
      } catch (IOException e) { 
       log.warning(e.getLocalizedMessage()); 
      } 

     } 

     return null; 
    } 

}