001/*
002 *  Copyright 2022 Anyware Services
003 *
004 *  Licensed under the Apache License, Version 2.0 (the "License");
005 *  you may not use this file except in compliance with the License.
006 *  You may obtain a copy of the License at
007 *
008 *      http://www.apache.org/licenses/LICENSE-2.0
009 *
010 *  Unless required by applicable law or agreed to in writing, software
011 *  distributed under the License is distributed on an "AS IS" BASIS,
012 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 *  See the License for the specific language governing permissions and
014 *  limitations under the License.
015 */
016package org.ametys.plugins.extrausermgt.authentication.oidc;
017
018import java.net.MalformedURLException;
019import java.net.URI;
020import java.net.URL;
021
022import org.ametys.runtime.authentication.AccessDeniedException;
023
024import com.nimbusds.oauth2.sdk.Scope;
025import com.nimbusds.oauth2.sdk.id.Issuer;
026
/**
 * Credential provider that signs users in with their Google account over OpenID Connect.
 * <p>
 * This class only assigns Google's endpoints, issuer, JWK set location and requested scope
 * to the fields inherited from {@link AbstractOIDCCredentialProvider}. Every value is a fixed
 * HTTPS literal rather than something read from Google's discovery document, so an endpoint
 * change on Google's side means updating this class.
 */
public class GoogleCredentialProvider extends AbstractOIDCCredentialProvider
{
    /** Authorization endpoint; the {@code prompt=consent} query parameter is part of the URI itself. */
    private static final String AUTHORIZATION_ENDPOINT = "https://accounts.google.com/o/oauth2/v2/auth?prompt=consent";

    /** Endpoint assigned to the inherited token endpoint field. */
    private static final String TOKEN_ENDPOINT = "https://oauth2.googleapis.com/token";

    /** Issuer identifier assigned to the inherited issuer field. */
    private static final String ISSUER = "https://accounts.google.com";

    /** Location assigned to the inherited JWK set field. */
    private static final String JWK_SET_LOCATION = "https://www.googleapis.com/oauth2/v3/certs";

    /** Endpoint assigned to the inherited user info field. */
    private static final String USER_INFO_ENDPOINT = "https://www.googleapis.com/oauth2/v3/userinfo";

    // One Scope instance per provider: "openid" plus the "email" and "profile" identity scopes.
    // NOTE(review): how the parent maps the returned claims to a user is not visible here; if
    // accounts are matched on the email address, confirm the email_verified claim is checked.
    private final Scope _googleScope = new Scope("openid", "email", "profile");

    /**
     * Assigns the Google-specific URIs, issuer, JWK set URL and scope to the inherited fields.
     *
     * @throws AccessDeniedException if the JWK set location cannot be converted to a {@link URL}
     */
    @Override
    protected void initUrisScope() throws AccessDeniedException
    {
        _authUri = URI.create(AUTHORIZATION_ENDPOINT);
        _tokenEndpointUri = URI.create(TOKEN_ENDPOINT);

        // NOTE(review): the use of _iss is not visible in this class. If the parent compares it
        // strictly with the ID token's iss claim, be aware that Google documents both
        // "https://accounts.google.com" and "accounts.google.com" as possible values.
        _iss = new Issuer(ISSUER);

        // Only the URL constructor declares a checked exception, so it is the only guarded call.
        // NOTE(review): presumably this key set is what ID token signatures are verified
        // against - confirm in the parent class.
        try
        {
            _jwkSetURL = new URL(JWK_SET_LOCATION);
        }
        catch (MalformedURLException e)
        {
            // The cause goes to the log only; the exception raised to the caller carries the message alone.
            String message = "Encountered a problem when creating the jwkSetURL";
            getLogger().error(message, e);
            throw new AccessDeniedException(message);
        }

        _userInfoEndpoint = URI.create(USER_INFO_ENDPOINT);
        _scope = _googleScope;
    }
}