[AFP-91] 🛂 Implement 'ManagerTokenVerifier' class to handle access token...

[AFP-91] 🛂 Implement 'ManagerTokenVerifier' class to handle access token validation & payload parsing (@asegers)

[AFP-91] 🛂 Implement 'ManagerTokenVerifier' class to handle access token...
[AFP-91] 🛂 Implement 'ManagerTokenVerifier' class to handle access token validation & payload parsing (@asegers)
409e9701 · Alex Segers · 41225bdf · 409e9701
Commit 409e9701 authored May 11, 2021 by Alex Segers
Show whitespace changes
Inline Side-by-side

Showing with 71 additions and 0 deletions

ManagerTokenVerifier.java ...com/afp/ordermanagement/service/ManagerTokenVerifier.java +71 -0

No files found.
--- a/src/main/java/com/afp/ordermanagement/service/ManagerTokenVerifier.java
+++ b/src/main/java/com/afp/ordermanagement/service/ManagerTokenVerifier.java
+package com.afp.ordermanagement.service;
+
+import com.afp.ordermanagement.model.Manager;
+import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken;
+import com.google.api.client.googleapis.auth.oauth2.GoogleIdTokenVerifier;
+import com.google.api.client.http.HttpTransport;
+import com.google.api.client.http.javanet.NetHttpTransport;
+import com.google.api.client.json.jackson2.JacksonFactory;
+import org.springframework.http.HttpHeaders;
+import org.springframework.stereotype.Service;
+import org.springframework.web.server.ServerWebExchange;
+
+import java.util.Collections;
+import static java.util.Objects.isNull;
+
+@Service
+public class ManagerTokenVerifier {
+    private final String CLIENT_ID = "925243198137-hhe2e3ejlethf321hh7tbm7ontc19cpj.apps.googleusercontent.com";
+    private final JacksonFactory jsonFactory = new JacksonFactory();
+    private final HttpTransport transport = new NetHttpTransport();
+    private final GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier.Builder(transport, jsonFactory)
+            .setAudience(Collections.singletonList(CLIENT_ID))
+            .build();
+
+    public boolean isTokenValid(String idTokenString) {
+        try {
+            verifier.verify(idTokenString);
+            return true;
+        } catch (Exception ignore) { }
+        return false;
+    }
+
+    private GoogleIdToken.Payload createPayloadFromToken(String idTokenString) {
+        GoogleIdToken idToken = null;
+        try {
+            idToken = verifier.verify(idTokenString);
+        } catch (Exception ignore) { }
+        assert idToken != null;
+        return idToken.getPayload();
+    }
+
+    public Manager createManagerFromToken(String idTokenString) {
+        GoogleIdToken.Payload payload = this.createPayloadFromToken(idTokenString);
+        Manager newManager = new Manager();
+        newManager.setFirstName((String) payload.get("given_name"));
+        newManager.setLastName((String) payload.get("family_name"));
+        newManager.setEmail(payload.getEmail());
+        newManager.setGoogleId(payload.getSubject());
+        newManager.setImageUrl((String) payload.get("picture"));
+        return newManager;
+    }
+
+    public boolean hasTokenHeader(ServerWebExchange serverWebExchange) {
+        HttpHeaders headers = serverWebExchange
+                .getRequest()
+                .getHeaders();
+        String accessToken = headers
+                .getFirst("Authorization");
+        return !isNull(accessToken);
+    }
+
+    public String getTokenHeader(ServerWebExchange serverWebExchange) {
+        HttpHeaders headers = serverWebExchange
+                .getRequest()
+                .getHeaders();
+        String accessToken = headers
+                .getFirst("Authorization")
+                .replace("Bearer ", "");
+        return accessToken;
+    }
+}