Created
December 1, 2022 09:51
-
-
Save RICH0423/2cba7694f240931a51fc7cda1343ddf3 to your computer and use it in GitHub Desktop.
Spring Boot authentication with GCP OpenID
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package com.rich.gcp.app; | |
| import com.google.api.client.http.GenericUrl; | |
| import com.google.api.client.http.HttpRequest; | |
| import com.google.api.client.http.HttpResponse; | |
| import com.google.api.client.http.HttpTransport; | |
| import com.google.api.client.http.javanet.NetHttpTransport; | |
| import com.google.api.gax.core.CredentialsProvider; | |
| import com.google.auth.http.HttpCredentialsAdapter; | |
| import com.google.auth.oauth2.GoogleCredentials; | |
| import com.google.auth.oauth2.IdTokenCredentials; | |
| import com.google.auth.oauth2.IdTokenProvider; | |
| import com.google.cloud.spring.core.GcpProjectIdProvider; | |
| import com.google.common.base.Charsets; | |
| import com.google.common.io.CharStreams; | |
| import org.springframework.beans.factory.annotation.Autowired; | |
| import org.springframework.boot.CommandLineRunner; | |
| import org.springframework.boot.SpringApplication; | |
| import org.springframework.boot.autoconfigure.SpringBootApplication; | |
| import java.io.IOException; | |
| import java.io.InputStreamReader; | |
| @SpringBootApplication | |
| public class Application implements CommandLineRunner { | |
| private static String SERVICE_URL = "https://hello-spring-auth-yrufibgptq-de.a.run.app"; | |
| @Autowired | |
| GcpProjectIdProvider gcpProjectIdProvider; | |
| @Autowired | |
| CredentialsProvider credentialsProvider; | |
| public static void main(String[] args) { | |
| SpringApplication.run(Application.class, args); | |
| } | |
| @Override | |
| public void run(String... args) throws Exception { | |
| System.out.println(gcpProjectIdProvider.getProjectId()); | |
| GoogleCredentials credentials = (GoogleCredentials) credentialsProvider.getCredentials(); | |
| if (!(credentials instanceof IdTokenProvider)) { | |
| throw new IllegalArgumentException("Credentials are not an instance of IdTokenProvider."); | |
| } | |
| IdTokenCredentials tokenCredential = | |
| IdTokenCredentials.newBuilder() | |
| .setIdTokenProvider((IdTokenProvider) credentials) | |
| .setTargetAudience(SERVICE_URL) | |
| .build(); | |
| invokeService(tokenCredential); | |
| } | |
| private void invokeService(IdTokenCredentials tokenCredential) throws IOException { | |
| GenericUrl genericUrl = new GenericUrl(SERVICE_URL); | |
| HttpCredentialsAdapter adapter = new HttpCredentialsAdapter(tokenCredential); | |
| HttpTransport transport = new NetHttpTransport(); | |
| HttpRequest request = transport.createRequestFactory(adapter).buildGetRequest(genericUrl); | |
| HttpResponse response = request.execute(); | |
| int statusCode = response.getStatusCode(); | |
| if (statusCode != 200) { | |
| throw new IOException( | |
| "Bad status code: " + statusCode + " error: " + response.getStatusMessage()); | |
| } | |
| String body = CharStreams | |
| .toString(new InputStreamReader(response.getContent(), Charsets.UTF_8)); | |
| System.out.println(body); | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment