Skip to content

phillipgreenii/google-oauth-2.0-serverauthmodule

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
April 1, 2012 12:21
December 12, 2019 13:43
February 17, 2016 20:31
July 1, 2021 09:04
October 13, 2020 08:11
February 17, 2016 20:31

Overview

Build Status

Google OAuth 2.0 ServerAuthModule is a ServerAuthModule (SAM), JSR-196 (JASPIC) Spec, implementation of Google OAuth 2.0: com.idmworks.security.google.GoogleOAuthServerAuthModule. It optionally supports the LoginModule Bridge Profile.

Installation

Copy google-oauth-2_0-sam-0.1.x.jar into the class path of the application server. See Installation for application server specific instructions.

Configuration

Before you can authenticate with Google OAuth, you will need to create a Client ID for your web application at Client ID API Console.

Next, the GoogleOAuthServerAuthModule needs added to the application server. See Configuration for application server specific instructions.

GoogleOAuthServerAuthModule

The following attributes can be used to configure com.idmworks.security.google.GoogleOAuthServerAuthModule.

oauth.clientid (REQUIRED)

oauth.clientid must be set to a "Client ID" from Client ID API Console.

oauth.clientsecret (REQUIRED)

oauth.clientsecret must be set to the "Client Secret" from Client ID API Console of the "Client ID" specified in oauth.clientid.

oauth.endpoint (optional)

default: https://accounts.google.com/o/oauth2/auth

oauth.endpoint is the URI that will be connect to for the OAuth authentication (Google).

oauth.callback_uri (optional)

default: /j_oauth_callback

oauth.callback_uri is the URI that Google will redirect to after the user responds to the request. This should correspond to "Redirect URIs" value defined in the Client ID API Console.

javax.security.auth.login.LoginContext (optional)

default: "com.idmworks.security.google.GoogleOAuthServerAuthModule"

With LoginModule Bridge Profile, javax.security.auth.login.LoginContext is where you define the name of the LoginContext to use.

ignore_missing_login_context (optional)

default: "false"

GoogleOAuthServerAuthModule is configured by default to support the LoginModule Bridge Profile. If you set ignore_missing_login_context to true (in the case when you don't want to use any LoginModules), there will be no error when a LoginContext isn't found.

add_domain_as_group (optional)

default: "false"

If add_domain_as_group is true, then the domain of the email address of the authenticated user will be added as a group. IE: "idmworks.com" will be a principal added as a group for the user "phillip.green@idmworks.com".

default_groups (optional)

default: ""

default_groups is a comma (",") separated list of groups that will be given to the principal upon successful authentication.

Usage

The configured GoogleOAuthServerAuthModule needs specified in the application server specific configuration for each application. See Usage for application server specific instructions.

Common Problems

See Common Problems.

References