Google Auth с Android на стороне клиента и узлом js в качестве сервера
Я искал много ссылок, но не нашел учебника по поводу: https://developers.google.com/identity/sign-in/android/backend-auth
Я хочу настроить свой внутренний сервер для аутентификации Google
мой код Android:
public class SignInActivity extends AppCompatActivity {
SharedPreferences.Editor editor;
GoogleSignInClient mGoogleSignInClient;
private int RC_SIGN_IN = 101;
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_sign_in);
SignInButton signInButton = findViewById(R.id.sign_in_button);
signInButton.setSize(SignInButton.SIZE_STANDARD);
GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
.requestEmail()
.build();
mGoogleSignInClient = GoogleSignIn.getClient(this, gso);
//Shared Preferences Editor
editor = PreferenceManager.getDefaultSharedPreferences(this).edit();
// Callback registration
signInButton.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View view) {
Intent signInIntent = mGoogleSignInClient.getSignInIntent();
startActivityForResult(signInIntent, RC_SIGN_IN);
}
});
}
@Override
public void onActivityResult(int requestCode, int resultCode, Intent data) {
super.onActivityResult(requestCode, resultCode, data);
// Result returned from launching the Intent from GoogleSignInClient.getSignInIntent(...);
if (requestCode == RC_SIGN_IN) {
// The Task returned from this call is always completed, no need to attach
// a listener.
Task<GoogleSignInAccount> task = GoogleSignIn.getSignedInAccountFromIntent(data);
handleSignInResult(task);
}
}
private void handleSignInResult(Task<GoogleSignInAccount> completedTask) {
try {
GoogleSignInAccount account = completedTask.getResult(ApiException.class);
String idToken = account.getIdToken();
// Signed in successfully, show authenticated UI.
} catch (ApiException e) {
// The ApiException status code indicates the detailed failure reason.
// Please refer to the GoogleSignInStatusCodes class reference for more information.
}
}}
Как конвертировать Google idToken в токен jwt, когда Facebook входит в мое приложение js:
Файл моего узла js Authentication.je:
var passport = require('passport');
var LocalStrategy = require('passport-local').Strategy;
var User = require('./models/user');
var JwtStrategy = require('passport-jwt').Strategy;
var ExtractJwt = require('passport-jwt').ExtractJwt;
var jwt = require('jsonwebtoken');
var FacebookTokenStrategy = require('passport-facebook-token');
var config = require('./config');
exports.local = passport.use(new LocalStrategy(User.authenticate()));
passport.serializeUser(User.serializeUser());
passport.deserializeUser(User.deserializeUser());
exports.getToken = function(user) {
return jwt.sign(user,config.secretKey,
{expiresIn:3600});
};
var opts = {};
opts.jwtFromRequest = ExtractJwt.fromAuthHeaderAsBearerToken();
opts.secretOrKey = config.secretKey;
exports.jwtPassport = passport.use(new JwtStrategy(opts,
(jwt_payload,done) => {
console.log("JWT payload: ",jwt_payload);
User.findOne({_id: jwt_payload._id},(err,user) => {
if(err) {
return done(err,false);
} else if (user) {
return done(null,user);
} else {
return done(null,false);
}
});
}));
exports.verifyAdmin = (req,res,next) => {
if(req.user.admin){
next();
}else{
err = new Error('You are not authorized to perform this operation!');
err.status = 403;
next(err);
}
};
exports.verifyUser = passport.authenticate('jwt',{session : false});
exports.facebookPassport = passport.use
(new FacebookTokenStrategy({
clientID : config.facebook.clientId,
clientSecret : config.facebook.clientSecret
},(accessToken, refreshToken ,profile, done) => {
console.log(accessToken);
User.findOne({facebookId : profile.id},(err,user) => {
if(err){
return done(err,false);
}
if(!err && user!=null){
return done(null,user);
}else{
user = new User({username : profile.displayName});
user.facebookId = profile.id;
user.firstname = profile.name.givenName;
user.lastname = profile.name.familyName;
user.save((err,user) => {
if(err)
return done(err,false);
else
return done(null,user);
});
}
});
}));
Ссылки, которые я посетил: https://developers.google.com/identity/sign-in/android/backend-auth