OAuth 2.0 using Grails Part – 1

Following steps need to be followed for OAuth 2.0 authentication :

(1) Obtain OAuth 2.0 credentials from the Google Developers Console:

First you need to have a google account. create a project at Google Developers Console after logging into your Google account. Click on the project name go to “APIs and auth” click on credentianls and then create a client ID. You will get client id and client secret which is required for OAuth 2.0 authentication . You also need to add Javascript origin and redirect URI’s by clicking on edit settings.

Let us assume javascript origin is “http://localhost:8080/”
and redirect URI is “http://localhost:8080/TestOAuth/google/success”

(2) Get authorization code.

First you need to obtain authorization code in order to get the access token.
You need to have a link where a user can click to initiate the process of OAuth 2.0
The link should be as follows:

[html]

<a href="https://accounts.google.com/o/oauth2/auth?redirect_uri=http%3A%2F%2Flocalhost:8080%2FTestOAuth%2Fgoogle%2Fsuccess
&
response_type=code
&
client_id={your client id}
&
scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile
&
approval_prompt=force
&
access_type=offline"> SignInWithGoogle </a>

[/html]

After clicking on the above link you need to login using google account . After logging in you will be redirected to “http://localhost:8080/TestOAuth/google/success?code={authorization code}”

You can get the authorization code token from Querystring

(3) Exchange authorization code for access token

Place the following line in BuildConfig.groovy

[java]
plugins {
runtime ":rest:0.7"
}
[/java]

This plugin is required to make Get and POST Requests

In the GoogleController.groovy we need to have a success action as follows:

[java]
def success(String code) {
String googleaccesstoken = ""
JSONObject googleJsonResponseForAccessToken
def http = new HTTPBuilder(‘http://localhost:8080/’)
http.request(POST) {
uri.path = "https://accounts.google.com/o/oauth2/token"
requestContentType = "application/x-www-form-urlencoded"
body = [code: "${code}",
client_id: "{Client ID}",
client_secret: "{Client Secret}",
redirect_uri: "http://localhost:8080/TestOAuth/google/success",
grant_type: "authorization_code"]

response.success = { resp, json ->
println "POST response status: ${resp.statusLine}"
googleJsonResponseForAccessToken = json
googleaccesstoken = json.access_token
}
}

}

[/java]

In the above code we are making a POST request to and in response we will get following json

[java]
{
"access_token": {access_token},
"token_type": "Bearer",
"expires_in": 3600,
"refresh_token": {refresh_token},
"id_token": {id_token}
}
[/java]

This response is stored in json object of response.success method in the above code . we have stored the value of access_token in variable “googleaccesstoken” in the code above.

(4) Get UserInfo from access_token

To get the information of the user you need to make following request:

[java]
JSONObject userInfo
http.request(GET) {
uri.path = "https://www.googleapis.com/userinfo/v2/me"
uri.query = [accesstoken:googleaccesstoken]
headers.’Authorization’="Bearer ${googleaccesstoken}"
response.success = { resp, json ->
println "Get response status: ${resp.statusLine}"
userInfo=json
}
}
render "User Name :: "+userInfo.name
render "User Id :: "+userInfo.id

[/java]

In the above code we have used the access_token which we got from the json response in step (3)