Is there a way to use another OAuth2 provider with Google Cloud Endpoints? I mean for example, get authentication from Facebook and use it the same way we use Google Account Auth (using gapi js and putting User class on @ApiMethod
)
有没有办法将另一个OAuth2提供商与Google Cloud Endpoints一起使用?我的意思是,例如,从Facebook获取身份验证并使用它与我们使用Google帐户身份验证相同(使用gapi js并将User类放在@ApiMethod上)
4 个解决方案
#1
5
No. I came across someone else asking this question and the answer from the google folks (if I remember correctly) was that the endpoints user authentication currently only supports Google accounts.
不,我遇到了其他人问这个问题,谷歌人的答案(如果我没记错的话)是端点用户身份验证目前只支持谷歌帐户。
#2
7
You have to implement your own Authenticator
and update @Api
configuration. Based on this answer a simple authenticator will look like this:
您必须实现自己的身份验证器并更新@Api配置。根据这个答案,一个简单的身份验证器将如下所示:
public class MyAuthenticator implements Authenticator {
@Override
public User authenticate(HttpServletRequest request) {
String token = request.getHeader("Authorization");
if (token != null) {
// apply your Facebook/Twitter/OAuth2 authentication
String user = authenticate(token);
if (user != null) {
return new User(user);
}
}
return null;
}
}
And your API definition
和你的API定义
@Api(name = "example", authenticators = {MyAuthenticator.class})
More about custom authenticators you can find in Google documentation.
有关自定义身份验证器的更多信息,请参阅Google文档。
#3
2
I wrote an example exchanging a Facebook access token for one generated by my application, and validating it from within an endpoints method:
我写了一个示例,为我的应用程序生成的一个Facebook访问令牌交换,并在端点方法中验证它:
https://github.com/loudnate/appengine-endpoints-auth-example
https://github.com/loudnate/appengine-endpoints-auth-example
#4
2
Google Cloud Endpoints allow you to recover User, HttpServletRequest and HttpServletContext into you API methods by injecting it as parameters.
Google Cloud Endpoints允许您将User,HttpServletRequest和HttpServletContext恢复为API方法,方法是将其作为参数注入。
It is not OAuth2 but here is a begining of a solution: https://www.yanchware.com/custom-authentication-for-google-cloud-endpoints/
它不是OAuth2,但这是一个解决方案的开头:https://www.yanchware.com/custom-authentication-for-google-cloud-endpoints/
The proposed solution is to inject HttpServletRequest in specific api methods to access the session.
建议的解决方案是在特定的api方法中注入HttpServletRequest以访问会话。
#1
5
No. I came across someone else asking this question and the answer from the google folks (if I remember correctly) was that the endpoints user authentication currently only supports Google accounts.
不,我遇到了其他人问这个问题,谷歌人的答案(如果我没记错的话)是端点用户身份验证目前只支持谷歌帐户。
#2
7
You have to implement your own Authenticator
and update @Api
configuration. Based on this answer a simple authenticator will look like this:
您必须实现自己的身份验证器并更新@Api配置。根据这个答案,一个简单的身份验证器将如下所示:
public class MyAuthenticator implements Authenticator {
@Override
public User authenticate(HttpServletRequest request) {
String token = request.getHeader("Authorization");
if (token != null) {
// apply your Facebook/Twitter/OAuth2 authentication
String user = authenticate(token);
if (user != null) {
return new User(user);
}
}
return null;
}
}
And your API definition
和你的API定义
@Api(name = "example", authenticators = {MyAuthenticator.class})
More about custom authenticators you can find in Google documentation.
有关自定义身份验证器的更多信息,请参阅Google文档。
#3
2
I wrote an example exchanging a Facebook access token for one generated by my application, and validating it from within an endpoints method:
我写了一个示例,为我的应用程序生成的一个Facebook访问令牌交换,并在端点方法中验证它:
https://github.com/loudnate/appengine-endpoints-auth-example
https://github.com/loudnate/appengine-endpoints-auth-example
#4
2
Google Cloud Endpoints allow you to recover User, HttpServletRequest and HttpServletContext into you API methods by injecting it as parameters.
Google Cloud Endpoints允许您将User,HttpServletRequest和HttpServletContext恢复为API方法,方法是将其作为参数注入。
It is not OAuth2 but here is a begining of a solution: https://www.yanchware.com/custom-authentication-for-google-cloud-endpoints/
它不是OAuth2,但这是一个解决方案的开头:https://www.yanchware.com/custom-authentication-for-google-cloud-endpoints/
The proposed solution is to inject HttpServletRequest in specific api methods to access the session.
建议的解决方案是在特定的api方法中注入HttpServletRequest以访问会话。