Implement OAuth 2.0 authentication for Google Storage service

Issue #91 resolved
James Murty
repo owner created an issue

Comments (3)

  1. James Murty reporter
    • changed status to open

    I have completed the initial work for adding support for OAuth2 auth in the Google Storage service on the default branch, see: 29b15dad7c6e I'd appreciate having other folks test the latest code and report bugs.

    The OAuth-related features seem to be working OK, though more testing is definitely required. Since OAuth involves browser-based flows, manual user logins etc etc it is difficult to test in an automated way but I will outline a process below that shows a realistic scenario.

    NOTE: This example workflow assumes you have already set up OAuth 2.0 API access for your default project in Google's system, see http://code.google.com/apis/accounts/docs/OAuth2.html#Registering

    // Create an OAuth utilities class to do the hard work
    OAuthUtils utils = new OAuthUtils(
        OAuthUtils.OAuthImplementation.GOOGLE_STORAGE_OAUTH2_10,
        YOUR_CLIENT_ID,
        YOUR_CLIENT_SECRET);
    
    // Print a URL for authorizing read-only operations
    String authURL = utils.generateBrowserUrlToAuthorizeNativeApplication(
        OAuthConstants.GSOAuth2_10.Scopes.ReadOnly);
    System.out.println(authURL);
    
    // Load this Authorization URL in your web browser, log in and grant the 
    // authorization permission, and copy the generated "code" value
    
    // Convert the authorization code into access/refresh tokens
    OAuth2Tokens tokens = utils.retrieveOAuth2TokensFromAuthorization(
        AUTHORIZATION_CODE_FROM_WEB_BROWSER);
    
    // Create a Google Storage service that knows your OAuth2 client credentials
    // so it can automatically refresh expired/stale access tokens
    GoogleStorageService gsService = new GoogleStorageService(
        new OAuth2Credentials(YOUR_CLIENT_ID, YOUR_CLIENT_SECRET));
    
    // Provide the service with the initial OAuth tokens you acquired above
    gsService.setOAuth2Tokens(tokens);
    
    // Perform service read operations as usual (writes should be forbidden)
    StorageBucket[] buckets = gsService.listAllBuckets();
    
  2. Log in to comment