📄 handletokenservlet.java
字号:
/* Copyright (c) 2006 Google Inc. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */package sample.authsub.src;import com.google.gdata.client.http.AuthSubUtil;import com.google.gdata.util.AuthenticationException;import java.io.IOException;import java.security.GeneralSecurityException;import java.util.Iterator;import java.util.Map;import javax.servlet.ServletException;import javax.servlet.http.Cookie;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;/** * Handles the processing of an AuthSub token. * <p> * The user will login to the Google account and lend permission for * this service to impersonate the user. Upon completion of the login * and permission-grant, the user will be redirected to this servlet * with the token in the URL. * * */public class HandleTokenServlet extends HttpServlet { protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { // Retrieve the AuthSub token assigned by Google String token = AuthSubUtil.getTokenFromReply(req.getQueryString()); if (token == null) { resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "No token specified."); return; } // Exchange the token for a session token String sessionToken; try { sessionToken = AuthSubUtil.exchangeForSessionToken(token, Utility.getPrivateKey()); } catch (IOException e1) { resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Exception retrieving session token."); return; } catch (GeneralSecurityException e1) { resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Security error while retrieving session token."); return; } catch (AuthenticationException e) { resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Server rejected one time use token."); return; } try { // Sanity checking usability of token Map<String, String> info = AuthSubUtil.getTokenInfo(sessionToken, Utility.getPrivateKey()); for (Iterator<String> iter = info.keySet().iterator(); iter.hasNext();) { String key = iter.next(); System.out.println("\t(key, value): (" + key + ", " + info.get(key) + ")"); } } catch (IOException e1) { resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Exception retrieving info for session token."); return; } catch (GeneralSecurityException e1) { resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Security error while retrieving session token info."); return; } catch (AuthenticationException e) { resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Auth error retrieving info for session token: " + e.getMessage()); return; } // Retrieve the authentication cookie to identify user String principal = Utility.getCookieValueWithName(req.getCookies(), Utility.LOGIN_COOKIE_NAME); if (principal == null) { resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "Unidentified principal."); return; } // Store the token TokenManager.storeToken(principal, sessionToken); // Redirect to main.jsp where the token will be used StringBuffer continueUrl = req.getRequestURL(); int index = continueUrl.lastIndexOf("/"); continueUrl.delete(index, continueUrl.length()); continueUrl.append(LoginServlet.NEXT_URL); resp.sendRedirect(continueUrl.toString()); }}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -