completed google validation of token

5c290618 · Alex Pinto · f272d0f9 · 5c290618 · 5c290618 · 5c290618
Commit 5c290618 authored May 08, 2021 by Alex Pinto
4 changed files
--- a/pom.xml
+++ b/pom.xml
@@ -74,6 +74,12 @@
 			<artifactId>httpclient</artifactId>
 			<scope>test</scope>
 		</dependency>
+
+		<dependency>
+			<groupId>com.google.api-client</groupId>
+			<artifactId>google-api-client</artifactId>
+			<version>1.31.2</version>
+		</dependency>
 	</dependencies>

 	<build>

--- a/src/main/java/com/ascendfinalproject/warehouse/controllers/AuthenticationController.java
+++ b/src/main/java/com/ascendfinalproject/warehouse/controllers/AuthenticationController.java
+package com.ascendfinalproject.warehouse.controllers;
+
+import com.ascendfinalproject.warehouse.models.Session;
+import com.ascendfinalproject.warehouse.services.SessionService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+
+@RestController
+@RequestMapping(value = "")
+public class AuthenticationController {
+
+    @Autowired
+    SessionService sessionService;
+
+    @CrossOrigin
+    @PostMapping(value = "/auth")
+    public ResponseEntity<Session> authenticate(@RequestBody Session session) {
+        return sessionService.authenticate(session);
+    }
+
+}
--- a/src/main/java/com/ascendfinalproject/warehouse/controllers/WarehouseController.java
+++ b/src/main/java/com/ascendfinalproject/warehouse/controllers/WarehouseController.java
@@ -18,9 +18,6 @@ public class WarehouseController {
  @Autowired
  WarehouseOrderService orderService;

-  @Autowired
-  SessionService sessionService;
-
  @CrossOrigin
  @GetMapping(value = "/orders")
  public Flux<WarehouseOrder> getOrders() {
@@ -45,14 +42,5 @@ public class WarehouseController {
    return orderService.updateOrder(order, id);
  }

-  @CrossOrigin
-  @PostMapping(value = "/authenticate")
-  public Session authenticate(@RequestBody Session session) {
-    if(sessionService.tokenExists(session)) {
-      return session;
-    }
-    return sessionService.saveToken(session);
-  }
-

 }
--- a/src/main/java/com/ascendfinalproject/warehouse/services/SessionService.java
+++ b/src/main/java/com/ascendfinalproject/warehouse/services/SessionService.java
 package com.ascendfinalproject.warehouse.services;

 import com.ascendfinalproject.warehouse.models.Session;
-import com.ascendfinalproject.warehouse.repositories.SessionRepository;
-import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
 import org.springframework.stereotype.Service;

+import java.net.HttpURLConnection;
+import java.net.URL;
+
 @Service
 public class SessionService {

-    @Autowired
-    SessionRepository sessionRepository;
+    public ResponseEntity<Session> authenticate(Session session) {
+        int status = 404;
+        try {
+            URL url = new URL("https://oauth2.googleapis.com/tokeninfo?id_token=" + session.getToken());
+            HttpURLConnection con = (HttpURLConnection) url.openConnection();
+            con.setRequestMethod("GET");
+            status = con.getResponseCode();
+        }
+        catch(Exception e) {
+            System.out.println("Bad Request: " + status);
+        }
+
+        if(status == 200) {
+            return ResponseEntity
+                    .status(HttpStatus.ACCEPTED)
+                    .body(session);
+        }
+        return ResponseEntity
+                .status(HttpStatus.BAD_REQUEST)
+                .body(null);

-    public Session saveToken(Session session) {
-        return sessionRepository.save(session);
-    }

-    public boolean tokenExists(Session session) {
-        return sessionRepository.existsById(session.getToken());
    }