I have a Java Web Application that gets information from the user. Before processing the information I wanted to make sure the email entered by the user belongs to the community.
I was originally going to have a file listing everyone int the community's email address. Upon submit, grab the email and ensure it exists in the master file.
Can anyone recommend how to do this with Google App Engine platform?
Thanks so much!
UserService userService = UserServiceFactory.getUserService();
User user = userService.getCurrentUser();
if (user == null) {
response.sendRedirect( "/login" );
}
out.print( user.getNickname() );
You can obtain the email address from the User class above. The code above checks if a user is already logged into the google account. There is Open authorization protocol that would enable you to see if the visitor is already logged into a site that supports oAuth protocol (like Facebook etc).
Related
I am developing a solution that needs an token to request a rest API. I want in the beginning of my code to popup a window to user and receive an answer with a token.
I am developing an intention at JetBrains MPS that demands permission from the user to do so. I read this on GitHub: https://github.com/AzureAD/azure-activedirectory-library-for-java/
The problem is that I need to input the username and password as a string, not through a Azure site.
I wish my code could look like this
azureADHelper foo = new azureADHelper()
string userType = "admin"
string companyWebName = "https://stackoverflow.com/"
foo.askUserIdentity(userType, companyWebName)
if (foo.permission == true){
string token = foo.getToken()
}
Azure Active Directory provides several libraries for different platform. For java "ADAL4J" library is used.
I hope the below code screenshot will help to address your issue:
You can check the below sample to configure azure ad in java.
https://github.com/Azure-Samples/active-directory-java-webapp-openidconnect
On android client, I create Credentials, then choose account using AccountPicker and set the account name. On GAE, I have User parameter in every endpoint method. (I described it here)
Android Client ID, Web client ID and audiences are configured correctly.
On endpoint, the user is not null and has correct email set. But when I call user.getUserId() I get null. Is this user authenticated or not?... It really makes me nervous not to know that...
What you describe is odd, and I don't know why you get null when you call getUserId(), but never-the-less I would say, Yes, you are authenticated.
If you want to be sure, then you could try using that authentication from a web client - I read that once you have authenticated an Android user you are automatically given minimal account authentication for web too. So create a minimal servlet that includes the following code:
UserService userService = UserServiceFactory.getUserService();
User user = userService.getCurrentUser();
Load the page while signed in with the same account you authenticated from Android and see whether it acts like it already knows you, or whether it prompts the user as it would for a different, un-authenticated user.
This is a bug on google's side.
There seems to be a clunky workaround: save User to datastore and read it back.
How can I get twitter email Id on my web site.
I am using twitter4j api.
But while getting email it shows
Email: Twitter does not provide this!
In twitter4j api no method available to get email
user = twitter.showUser(twitter.getId());
twitterUser = new TwitterUser(user.getId(),user.getName(),user.getScreenName(),user.getLocation(),
user.getDescription(),user.getProfileImageURL().toString(),
user.getFollowersCount(),user.getFriendsCount(),user.getFavouritesCount(),user.getStatusesCount(),
user.getListedCount(),user.getCreatedAt().toString(),user.getTimeZone(),user.getUtcOffset(),
user.getLang(),user.getURL()!=null?user.getURL().toString():null);
Is there any way to get this.
Is there any othe api to get email and /FirstName/LastName .
Please suggest any solution for this.
Twitter does not provide an API for email retrieval. From their FAQ:
How do I obtain a user's email address?
If you'd like a user's email address, you'll need to ask a user for it within the confines of your own application and service. The Twitter API does not provide the user's email address as part of the OAuth token negotiation process nor does it offer other means to obtain it.
If you have a user's ID or screen name, you can get any additional information from the Twitter4J User interface.
I work on google app project and I am struggling a bit with java oauth library (1.10.1-beta).
I followed closely : http://code.google.com/p/google-oauth-java-client/wiki/OAuth2#Authorization_code_flow
Problem is that I dont know from where I should get userId or userEmail. I know there is userinfo API but I am actually trying to create Credentials, so I cannot access userinfo API AFIAK.
My application work nicely on localhost (because of test#example.com user is always there) but fails miserably when deployed in google engine environment (NullPointerException user.getUserId()).
// we ask for token because we got authCode
GoogleTokenResponse gTokenResponse = userUtils.getFlow().newTokenRequest(authCode).setRedirectUri(userUtils.getRedirectUri()).execute();
//trying to search for user email / id / whatever
User user = UserServiceFactory.getUserService().getCurrentUser();
//user is null -> nullPointerException is thrown
userUtils.getFlow().createAndStoreCredential(gTokenResponse, user.getUserId());
Could you please point out a flaw in my use-case or give me a hint ? I searched a lot in SDK samples,Stackoverflow and here but there is not many implementations.
PS: In method AuthorizationCodeFlow.createAndStoreCredential(...) is userId mandatory only when you use persistent storage for Credentials and yes i am using that so userId cannot be null in my case.
Thanks.
You are doing OAUTH (authorization) before you identified your user (authentication). You must redirect your user to the login page when he is not logged in :
UserServiceFactory.getUserService().getCurrentUser() == null
You do that by redirecting the user to the loginUrl :
String loginUrl = userService.createLoginURL(request.getOriginalRef().toString());
The next time the user arrives at your app, he will be logged in, and you can ask for the userId.
My application uses 3-legged authentication (OAuth).
I have the token (user was redirected to google login page to log in)
How can I get the e-mail address he used to authenticate?
you should look up user data using the access token. in facebook, the access token starts with user serial, so you can identify user from token directly. (ex. 123456-someStrangeStringBlahBlah...)
so if exposure of user serial is not problem, make token like facebook.
I think you want to use OpenID attribute exchange. (not OAuth, but Google has a bridge between the two).
See Google's page on their federated login API.
If you are using OAuth1.0 you can extract user email from the contactService by making a request to get for example contact group id. The returned response contains the user email encoded:
"http://www.google.com/m8/feeds/groups/user_email_here%40gmail.com/base/5f062e1e08cb3123"