package land.leets.domain.auth;
import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken;
import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken.Payload;
import com.google.api.client.googleapis.auth.oauth2.GoogleIdTokenVerifier;
import com.google.api.client.http.javanet.NetHttpTransport;
import com.google.api.client.json.gson.GsonFactory;
import land.leets.domain.auth.exception.PermissionDeniedException;
import land.leets.domain.auth.presentation.dto.OAuthTokenDto;
import land.leets.domain.user.domain.User;
import land.leets.domain.user.domain.repository.UserRepository;
import land.leets.global.jwt.exception.InvalidTokenException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Service;
import org.springframework.web.client.RestTemplate;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;
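/**
 * Signs users in with Google: exchanges an OAuth authorization code for an ID token,
 * verifies that token, and maps its subject to a local {@link User}.
 */
@Service
public class AuthService {

    private final String googleAuthUrl;
    private final String googleRedirectUrl;
    private final String googleClientId;
    // OAuth client secret. Never log this value or the request parameters that carry it.
    private final String googleClientPassword;
    private final UserRepository userRepository;

    /**
     * @param googleAuthUrl        URL the authorization code is posted to ({@code google.auth.url})
     * @param googleRedirectUrl    redirect URI sent with the exchange ({@code google.redirect.url})
     * @param googleClientId       OAuth client id; also used as the expected ID-token audience
     * @param googleClientPassword OAuth client secret
     * @param userRepository       store used to look up and create users by Google subject
     */
    @Autowired
    public AuthService(@Value("${google.auth.url}") String googleAuthUrl,
                       @Value("${google.redirect.url}") String googleRedirectUrl,
                       @Value("${spring.security.oauth2.client.registration.google.client-id}") String googleClientId,
                       @Value("${spring.security.oauth2.client.registration.google.client-secret}") String googleClientPassword,
                       UserRepository userRepository) {
        this.googleAuthUrl = googleAuthUrl;
        this.googleRedirectUrl = googleRedirectUrl;
        this.googleClientId = googleClientId;
        this.googleClientPassword = googleClientPassword;
        this.userRepository = userRepository;
    }

    /**
     * Exchanges an authorization code for Google tokens and resolves the user from the
     * returned ID token.
     *
     * @param code authorization code received on the redirect
     * @return the existing or newly created user for the token's subject
     * @throws PermissionDeniedException if the exchange does not return 200 OK with a body
     * @throws InvalidTokenException     if the returned ID token is missing or fails verification
     * @throws GeneralSecurityException  propagated from ID-token verification
     * @throws IOException               propagated from ID-token verification
     */
    public User getGoogleToken(String code) throws GeneralSecurityException, IOException {
        RestTemplate restTemplate = new RestTemplate();

        Map<String, String> params = new HashMap<>();
        params.put("code", code);
        params.put("client_id", googleClientId);
        params.put("client_secret", googleClientPassword);
        params.put("redirect_uri", googleRedirectUrl);
        params.put("grant_type", "authorization_code");

        ResponseEntity<OAuthTokenDto> responseEntity =
                restTemplate.postForEntity(googleAuthUrl, params, OAuthTokenDto.class);
        if (responseEntity.getStatusCode() != HttpStatus.OK || responseEntity.getBody() == null) {
            throw new PermissionDeniedException();
        }

        // A response without an id_token yields null here; getUser rejects it explicitly.
        String idToken = responseEntity.getBody().getId_token();
        return getUser(idToken);
    }

    /**
     * Verifies a Google ID token and returns the matching user, creating one on first login.
     *
     * <p>The token is accepted only if the verifier returns a parsed token for an audience
     * equal to this application's client id. Users are keyed on the token's subject.
     *
     * @param idToken raw ID token string
     * @return the user stored for the token's subject, or a newly saved one
     * @throws InvalidTokenException    if {@code idToken} is null or fails verification
     * @throws GeneralSecurityException propagated from the verifier
     * @throws IOException              propagated from the verifier
     */
    public User getUser(String idToken) throws GeneralSecurityException, IOException {
        // Reject a missing token before it reaches the verifier.
        if (idToken == null) {
            throw new InvalidTokenException();
        }

        // NOTE(review): a new verifier (and HTTP transport) is built per call; sharing one
        // instance would let it reuse fetched signing keys. Confirm before changing.
        final GoogleIdTokenVerifier verifier =
                new GoogleIdTokenVerifier.Builder(new NetHttpTransport(), GsonFactory.getDefaultInstance())
                        .setAudience(Collections.singletonList(googleClientId))
                        .build();

        // verify() returns null when the token is not valid. The check must be on the
        // verification result, not on the input string; otherwise an invalid token falls
        // through to getPayload() and fails with a NullPointerException instead of being
        // rejected as an invalid token.
        GoogleIdToken googleIdToken = verifier.verify(idToken);
        if (googleIdToken == null) {
            throw new InvalidTokenException();
        }

        Payload payload = googleIdToken.getPayload();
        String userId = payload.getSubject();

        Optional<User> bySub = userRepository.findBySub(userId);
        if (bySub.isPresent()) {
            return bySub.get();
        }

        // NOTE(review): the email is stored as given in the token; the email_verified claim
        // is not consulted here. Confirm nothing downstream treats the email as proof of identity.
        User user = new User(
                null,
                (String) payload.get("name"),
                null,
                payload.getEmail(),
                userId,
                null
        );
        return userRepository.save(user);
    }
}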