String email = payload.getEmail();
final String email = googleIdToken.getPayload().getEmail(); if (email == null) { logger.debug("No email in id token");
public Optional<OAuthDetails> checkAuthHeader(String authToken) { try { GoogleIdToken token = GoogleIdToken.parse(jsonFactory, authToken); if (tokenVerifier.verify(token)) { GoogleIdToken.Payload payload = token.getPayload(); if (!payload.getAudience().equals(googleOAuthWebClientId)) { return Optional.absent(); } if (!googleAuthClientIds.contains(payload.getAuthorizedParty())) return Optional.absent(); return Optional.of(new OAuthDetails(payload.getSubject(), payload.getEmail())); } } catch (GeneralSecurityException | IOException e) { Log.debug("oauth failed", e); } return Optional.absent(); }
String email = payload.getEmail(); boolean emailVerified = Boolean.valueOf(payload.getEmailVerified()); String name = (String) payload.get("name");
String email = payload.getEmail(); boolean emailVerified = Boolean.valueOf(payload.getEmailVerified()); String name = (String) payload.get("name");
@Override public void authorizeServiceAccountUsage(WorkflowId workflowId, String serviceAccount, GoogleIdToken idToken) { final String principalEmail = idToken.getPayload().getEmail();
throw new RequestException(500, parser.problem()); emailAddr = payload.getEmail(); if (emailAddr == null) { String entries = null;
public static <T> Middleware<AsyncHandler<Response<T>>, AsyncHandler<Response<T>>> httpLogger( Logger log, RequestAuthenticator authenticator) { return innerHandler -> requestContext -> { final Request request = requestContext.request(); log.info("{}{} {} by {} with headers {} parameters {} and payload {}", "GET".equals(request.method()) ? "" : "[AUDIT] ", request.method(), request.uri(), // TODO: pass in auth context instead of authenticating twice auth(requestContext, authenticator).user().map(idToken -> idToken.getPayload() .getEmail()) .orElse("anonymous"), hideSensitiveHeaders(request.headers()), request.parameters(), request.payload().map(ByteString::utf8).orElse("") .replaceAll("\n", " ")); return innerHandler.invoke(requestContext); }; }
Checker checker = new Checker(); GoogleIdToken.Payload payload = checker.check(token); String mail = payload.getEmail();
private Subject buildSubject(String accessToken, GoogleIdToken.Payload payload) { TokenCredential.Builder builder = TokenCredential.builder(); builder.issueTime(toInstant(payload.getIssuedAtTimeSeconds())); builder.expTime(toInstant(payload.getExpirationTimeSeconds())); builder.issuer(payload.getIssuer()); builder.token(accessToken); builder.addToken(GoogleIdToken.Payload.class, payload); String email = payload.getEmail(); String userId = payload.getSubject(); Principal principal = Principal.builder() .id(userId) .name((null == email) ? userId : email) .addAttribute("fullName", payload.get("name")) .addAttribute("emailVerified", payload.getEmailVerified()) .addAttribute("locale", payload.get("locale")) .addAttribute("familyName", payload.get("family_name")) .addAttribute("givenName", payload.get("given_name")) .addAttribute("pictureUrl", payload.get("picture")) .build(); return Subject.builder() .principal(principal) .addPublicCredential(TokenCredential.class, builder.build()) .build(); }