zydronium/google-nomulus
1
0
Fork 0
mirror of https://github.com/google/nomulus.git synced 2025-05-02 13:07:50 +02:00
Code Issues Projects Releases Packages Wiki Activity
google-nomulus/java/google/registry/tools/DefaultRequestFactoryModule.java
mmuller acc7d19106 Put the path to client_secrets in a config option. 
-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=148214513
2017-02-22 11:49:03 -05:00

188 lines
7 KiB
Java
Raw Blame History

// Copyright 2017 The Nomulus Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package google.registry.tools;
import static java.nio.charset.StandardCharsets.UTF_8;
import com.google.api.client.auth.oauth2.Credential;
import com.google.api.client.extensions.java6.auth.oauth2.AuthorizationCodeInstalledApp;
import com.google.api.client.extensions.jetty.auth.oauth2.LocalServerReceiver;
import com.google.api.client.googleapis.auth.oauth2.GoogleAuthorizationCodeFlow;
import com.google.api.client.googleapis.auth.oauth2.GoogleClientSecrets;
import com.google.api.client.http.HttpRequest;
import com.google.api.client.http.HttpRequestFactory;
import com.google.api.client.http.HttpRequestInitializer;
import com.google.api.client.http.javanet.NetHttpTransport;
import com.google.api.client.json.JsonFactory;
import com.google.api.client.json.jackson2.JacksonFactory;
import com.google.api.client.util.store.AbstractDataStoreFactory;
import com.google.api.client.util.store.FileDataStoreFactory;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Joiner;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Ordering;
import dagger.Binds;
import dagger.Module;
import dagger.Provides;
import google.registry.config.RegistryConfig.Config;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.util.Collection;
import javax.inject.Named;
import javax.inject.Provider;
import javax.inject.Singleton;
/**
* Module for providing the default HttpRequestFactory.
*
*
* <p>This module provides a standard NetHttpTransport-based HttpRequestFactory binding.
* The binding is qualified with the name named "default" and is not consumed directly. The
* RequestFactoryModule module binds the "default" HttpRequestFactory to the unqualified
* HttpRequestFactory, allowing users to override the actual, unqualified HttpRequestFactory
* binding by replacing RequestFactoryfModule with their own module, optionally providing
* the "default" factory in some circumstances.
*
* <p>Localhost connections go to the App Engine dev server. The dev server differs from most HTTP
* connections in that they don't require OAuth2 credentials, but instead require a special cookie.
*/
@Module
class DefaultRequestFactoryModule {
private static final File DATA_STORE_DIR =
new File(System.getProperty("user.home"), ".config/nomulus/credentials");
/** Returns the credential object for the user. */
@Provides
Credential provideCredential(
AbstractDataStoreFactory dataStoreFactory,
Authorizer authorizer,
@Config("clientSecretFilename") String clientSecretFilename) {
try {
// Load the client secrets file.
JacksonFactory jsonFactory = new JacksonFactory();
InputStream secretResourceStream = getClass().getResourceAsStream(clientSecretFilename);
if (secretResourceStream == null) {
throw new RuntimeException("No client secret file found: " + clientSecretFilename);
}
GoogleClientSecrets clientSecrets = GoogleClientSecrets.load(jsonFactory,
new InputStreamReader(secretResourceStream, UTF_8));
return authorizer.authorize(clientSecrets);
} catch (IOException ex) {
throw new RuntimeException(ex);
}
}
@Provides
@Named("default")
public HttpRequestFactory provideHttpRequestFactory(
AppEngineConnectionFlags connectionFlags,
Provider<Credential> credentialProvider) {
if (connectionFlags.getServer().getHost().equals("localhost")) {
return new NetHttpTransport()
.createRequestFactory(
new HttpRequestInitializer() {
@Override
public void initialize(HttpRequest request) {
request
.getHeaders()
.setCookie("dev_appserver_login=test@example.com:true:1858047912411");
}
});
} else {
return new NetHttpTransport().createRequestFactory(credentialProvider.get());
}
}
/**
* Module for providing HttpRequestFactory.
*
* <p>Localhost connections go to the App Engine dev server. The dev server differs from most HTTP
* connections in that it doesn't require OAuth2 credentials, but instead requires a special
* cookie.
*/
@Module
abstract static class RequestFactoryModule {
@Binds
public abstract HttpRequestFactory provideHttpRequestFactory(
@Named("default") HttpRequestFactory requestFactory);
}
@Module
static class DataStoreFactoryModule {
@Provides
@Singleton
public AbstractDataStoreFactory provideDataStoreFactory() {
try {
return new FileDataStoreFactory(DATA_STORE_DIR);
} catch (IOException ex) {
throw new RuntimeException(ex);
}
}
}
/**
* Module to create the Authorizer used by DefaultRequestFactoryModule.
*/
@Module
static class AuthorizerModule {
@Provides
public Authorizer provideAuthorizer(
final JsonFactory jsonFactory,
final AbstractDataStoreFactory dataStoreFactory,
@Config("requiredOauthScopes") final ImmutableSet<String> requiredOauthScopes) {
return new Authorizer() {
@Override
public Credential authorize(GoogleClientSecrets clientSecrets) {
try {
// Run a new auth flow.
GoogleAuthorizationCodeFlow flow = new GoogleAuthorizationCodeFlow.Builder(
new NetHttpTransport(), jsonFactory, clientSecrets, requiredOauthScopes)
.setDataStoreFactory(dataStoreFactory)
.build();
return new AuthorizationCodeInstalledApp(flow, new LocalServerReceiver())
.authorize(createClientScopeQualifier(
clientSecrets.getDetails().getClientId(), requiredOauthScopes));
} catch (Exception ex) {
throw new RuntimeException(ex);
}
}
};
}
}
/**
* Create a unique identifier for a given client id and collection of scopes, to be used as an
* identifier for a credential.
*/
@VisibleForTesting
static String createClientScopeQualifier(String clientId, Collection<String> scopes) {
return clientId + " " + Joiner.on(" ").join(Ordering.natural().sortedCopy(scopes));
}
/**
* Interface that encapsulates the authorization logic to produce a credential for the user,
* allowing us to override the behavior for unit tests.
*/
interface Authorizer {
Credential authorize(GoogleClientSecrets clientSecrets);
}
}
Reference in a new issue View git blame Copy permalink