我使用的是谷歌,OAuth的客户1.22.0.jar 。
我有一个Java服务器,其静态Service Account凭据可以通过Google Cloud进行身份验证。
这是我使用的显着代码。
这里的关键是添加一个CredentialRefreshListener
,当您成功通过身份验证后,Google OAuth客户端库将调用并为您提供一个可以序列化和存储的StoredCredential
对象。通过编写或实例化接口的实现,您可以将其存储并检索到您选择的位置。您的DataStore
实现是使用DataStoreFactory
实现构建的。
在构建我的GoogleCredential
后,我可以从我的DataStore
中读取最后一个访问令牌,刷新令牌和到期日期。 如果访问令牌不会即将过期,那么Google客户端API将使用它登录。 当它即将过期时,或者这是第一次调用此代码时,Google Client API将调用刷新监听器,它将存储第一个访问令牌,刷新令牌和到期日期。
import com.google.api.client.auth.oauth2.DataStoreCredentialRefreshListener;
import com.google.api.client.auth.oauth2.StoredCredential;
import com.google.api.client.googleapis.auth.oauth2.GoogleCredential;
import com.google.api.client.googleapis.javanet.GoogleNetHttpTransport;
import com.google.api.client.http.HttpTransport;
import com.google.api.client.json.JsonFactory;
import com.google.api.client.json.jackson2.JacksonFactory;
import com.google.api.client.util.IOUtils;
import com.google.api.client.util.store.AbstractDataStore;
import com.google.api.client.util.store.AbstractDataStoreFactory;
import com.google.api.client.util.store.DataStore;
import com.google.api.client.util.store.DataStoreFactory;
import com.google.api.services.storage.Storage;
import com.google.api.services.storage.StorageScopes;
import com.google.api.services.storage.model.StorageObject;
import java.io.IOException;
import java.io.Serializable;
import java.util.Base64;
public class StackOverflow {
public static void main(final String... args) throws Exception {
final String clientEmail = "[email protected]";
final HttpTransport transport = GoogleNetHttpTransport.newTrustedTransport();
final JsonFactory jsonFactory = new JacksonFactory();
// This implementation generates an that stores and retrieves StoredCredential objects
final DataStoreFactory dataStoreFactory = new AbstractDataStoreFactory() {
@Override
protected <V extends Serializable> DataStore<V> createDataStore(final String id) {
return new MyDataStore<>(this, id);
}
};
// construct a GoogleCredential object to access Google Cloud
final GoogleCredential credential = new GoogleCredential.Builder()
.setTransport(transport)
.setJsonFactory(jsonFactory)
.setServiceAccountId(clientEmail)
.setServiceAccountScopes(StorageScopes.all())
.setServiceAccountPrivateKey(readEncryptedPemFile())
.setServiceAccountPrivateKeyId("___static_get_this_from_google_console___")
.addRefreshListener(new DataStoreCredentialRefreshListener(clientEmail, dataStoreFactory))
.build();
// See I have an access token, refresh token and expiration date stored in my DataStore.
// If so, set them on the GoogleCredential
final StoredCredential storedCredential = StoredCredential.getDefaultDataStore(dataStoreFactory).get(clientEmail);
if (storedCredential != null) {
credential.setAccessToken(storedCredential.getAccessToken());
credential.setRefreshToken(storedCredential.getRefreshToken());
credential.setExpirationTimeMilliseconds(storedCredential.getExpirationTimeMilliseconds());
}
// Now I can use Google Cloud
final Storage storage = new Storage.Builder(credential.getTransport(), credential.getJsonFactory(), credential).setApplicationName("Aimless").build();
storage.objects().insert("soem bucket", new StorageObject());
}
private static class MyDataStore<V extends Serializable> extends AbstractDataStore<V> {
MyDataStore(DataStoreFactory dataStoreFactory1, String id1) {
super(dataStoreFactory1, id1);
}
@Override
public DataStore<V> set(String key, V value) throws IOException {
final String encoded = Base64.getEncoder().encodeToString(IOUtils.serialize(value));
db.save(key, encoded);
return this;
}
@Override
public V get(String key) throws IOException {
final String encoded = db.get(key);
if (encoded == null) {
return null;
}
return IOUtils.deserialize(Base64.getDecoder().decode(encoded));
}
// etc.
}