AppIdentityService.GetAccessTokenResult accessToken = AppIdentityServiceFactory.getAppIdentityService().getAccessToken(scopes); connection.setRequestProperty("Authorization", "Bearer " + accessToken.getAccessToken()); connection.connect(); log.debug("connection failed with accessToken: " + accessToken.getAccessToken()); log.debug(connection.getResponseMessage()); throw new NotFoundException("Object at url: " + resumeableUploadURL +
List<String> scopes = new ArrayList<>(); scopes.add("https://www.googleapis.com/auth/devstorage.full_control"); AppIdentityService appIdentity = AppIdentityServiceFactory.getAppIdentityService(); AppIdentityService.GetAccessTokenResult accessToken = appIdentity.getAccessToken(scopes); urlConnection.setRequestProperty("Authorization","Bearer "+accessToken.getAccessToken());
private Credential creds; /** * Keep the expiration time of the access token to renew it before expiry */ private Calendar expirationTime = Calendar.getInstance(); protected void initCredentials() { List<String> scopes = Arrays.asList("https://spreadsheets.google.com/feeds"); AppIdentityService appIdentity = AppIdentityServiceFactory.getAppIdentityService(); AppIdentityService.GetAccessTokenResult accessToken = appIdentity.getAccessToken(scopes); expirationTime.setTime(accessToken.getExpirationTime()); expirationTime.add(Calendar.MINUTE,-REFRESH_MINUTES); //refresh some time before expiry creds = new Credential(BearerToken.authorizationHeaderAccessMethod()); creds.setAccessToken(accessToken.getAccessToken()); } public SpreadsheetUtil(String appname) { myService = new SpreadsheetService(appname); myService.setOAuth2Credentials(cred); }
/** * Attempts to return the token from cache. If this is not possible because it is expired or was * never assigned, a new token is requested and parallel requests will block on retrieving a new * token. As such no guarantee of maximum latency is provided. * * To avoid blocking the token is refreshed before it's expiration, while parallel requests * continue to use the old token. */ @Override protected String getToken() { GetAccessTokenResult token = accessToken.get(); if (token == null || isExpired(token) || (isAboutToExpire(token) && refreshInProgress.compareAndSet(false, true))) { lock.lock(); try { token = accessToken.get(); if (token == null || isAboutToExpire(token)) { token = accessTokenProvider.getNewAccessToken(oauthScopes); accessToken.set(token); cacheExpirationHeadroom.set(getNextCacheExpirationHeadroom()); } } finally { refreshInProgress.set(false); lock.unlock(); } } return token.getAccessToken(); }
@Test public void testGetAccessTokenWithScope() { Date beforeRequest = new Date(); List<String> scopes = new ArrayList<>(); scopes.add("https://www.googleapis.com/auth/urlshortener"); AppIdentityService.GetAccessTokenResult tokenResult = appIdentity.getAccessToken(scopes); Assert.assertNotNull(tokenResult); Assert.assertTrue("Token should not be blank.", !tokenResult.getAccessToken().isEmpty()); String errMsg = "Expiration time should at least be after request time. " + dateDebugStr("Before-Request", beforeRequest) + ", " + dateDebugStr("Expiration-Time=", tokenResult.getExpirationTime()); Assert.assertTrue(errMsg, beforeRequest.getTime() < tokenResult.getExpirationTime().getTime()); log.info("AccessToken: " + tokenResult.getAccessToken() + " Expiration: " + tokenResult.getExpirationTime()); // Retrieve it again, should be same since it grabs it from a cache. AppIdentityService.GetAccessTokenResult tokenResult2 = appIdentity.getAccessToken(scopes); Assert.assertEquals(tokenResult.getAccessToken(), tokenResult2.getAccessToken()); }
@Test public void testGetAccessTokenUncached() { Date beforeRequest = new Date(); List<String> scopes = new ArrayList<>(); scopes.add("https://www.googleapis.com/auth/urlshortener"); // Although we do not verify whether the result came from the cache or not, // the token should at least be valid. AppIdentityService.GetAccessTokenResult tokenResult = appIdentity.getAccessTokenUncached(scopes); Assert.assertNotNull(tokenResult); Assert.assertTrue("Token should not be blank.", !tokenResult.getAccessToken().isEmpty()); String errMsg = "Expiration time should at least be after request time. " + dateDebugStr("Before-Request", beforeRequest) + ", " + dateDebugStr("Expiration-Time=", tokenResult.getExpirationTime()); Assert.assertTrue(errMsg, beforeRequest.getTime() < tokenResult.getExpirationTime().getTime()); log.info("AccessToken: " + tokenResult.getAccessToken() + " Expiration: " + tokenResult.getExpirationTime()); }
/** * Refresh the access token by getting it from the App Identity service */ @Override public AccessToken refreshAccessToken() throws IOException { if (createScopedRequired()) { throw new IOException("AppEngineCredentials requires createScoped call before use."); } GetAccessTokenResult accessTokenResponse = appIdentityService.getAccessToken(scopes); String accessToken = accessTokenResponse.getAccessToken(); Date expirationTime = accessTokenResponse.getExpirationTime(); return new AccessToken(accessToken, expirationTime); }
@Override public Data getTokenData() { AppIdentityCredential credential = getCredential(); Collection<String> scopes = credential.getScopes(); AppIdentityService.GetAccessTokenResult result = credential.getAppIdentityService().getAccessToken( scopes ); String accessToken = result.getAccessToken(); Date expirationTime = result.getExpirationTime(); return new Data( accessToken, expirationTime ); } }
@Override protected TokenResponse executeRefreshToken() throws IOException { GetAccessTokenResult tokenResult = appIdentity.getAppIdentityService() .getAccessToken(appIdentity.getScopes()); TokenResponse response = new TokenResponse(); response.setAccessToken(tokenResult.getAccessToken()); long expiresInSeconds = (tokenResult.getExpirationTime().getTime() - System.currentTimeMillis()) / 1000; response.setExpiresInSeconds(expiresInSeconds); return response; } }
@Override public void intercept(HttpRequest request) throws IOException { String accessToken = appIdentityService.getAccessToken(scopes).getAccessToken(); BearerToken.authorizationHeaderAccessMethod().intercept(request, accessToken); }