Name

GAuth — implement a Google-specific OAuth consumer

Overview

The GAuth component is used by web applications to implement a Google-specific OAuth consumer. Although this component belongs to the Camel Components for Google App Engine (GAE), it can also be used to OAuth-enable non-GAE web applications. For a detailed description of Google's OAuth implementation refer to the Google OAuth API reference.

URI format

The URI format for a GAuth endpoint is:

gauth://name[?options]

name can be either authorize or upgrade. An authorize endpoint is used to obtain an unauthorized request token from Google and to redirect the user to the authorization page. The upgrade endpoint is used to process OAuth callbacks from Google and to upgrade an authorized request token to a long-lived access token.

Dependencies

Maven users will need to add a dependency on camel-gae to their poms as shown in Example 5, “GAuth dependency”.

Example 5. GAuth dependency

<dependency>
    <groupId>org.apache.camel</groupId>
    <artifactId>camel-gae</artifactId>
    <version>x.x.x</version>
    <!-- use the same version as your Camel core version -->
</dependency>

Options

Table 16, “GAuth options” lists the options for a GAuth endpoint.

Table 16. GAuth options

NameRequiredDescription
callbacktrue [a]Specifies the URL to where users are redirected after having granted or denied access.
scopetrue [b] Specifies the URL identifying the service(s) to be accessed. To specify more than one scope, list each one separated with a comma.
consumerKeytrue [c] Specifies the domain identifying the web application. This is the domain used when registering the application with Google. For a non-registered application use anonymous.
consumerSecretif keyLoaderRef is not specified[c]Specifies the consumer secret of the web application. The consumer secret is generated when registering the application with Google. It is needed if the HMAC-SHA1 signature method shall be used. For a non-registered application use anonymous.
keyLoaderRefif consumerSecret is not specified[c]

Specifies a reference to a private key loader in the registry.

The camel-gae module contains two key loaders:

  • GAuthPk8Loader—loads a private key from a PKCS#8 file

  • GAuthJksLoader—loads a private key from a Java key store. It is needed if the RSA-SHA1 signature method shall be used.

These classes are defined in the org.apache.camel.component.gae.auth package.

authorizeBindingReffalseSpecifies a reference to a OutboundBinding<GAuthEndpoint, GoogleOAuthParameters, GoogleOAuthParameters> in the registry for customizing how an exchange is bound to GoogleOAuthParameters. This binding is used for the authorization phase.
upgradeBindingReffalseSpecifies a reference to a OutboundBinding<GAuthEndpoint, GoogleOAuthParameters, GoogleOAuthParameters> in the registry for customizing how an exchange is bound to GoogleOAuthParameters. This binding is used for the token upgrade phase.

[a] can alternatively be set via the GAuthAuthorizeBinding.GAUTH_CALLBACK message header

[b] can alternatively be set via GAuthAuthorizeBinding.GAUTH_SCOPE message header

[c] can alternatively be set on component-level


Message headers

The following message headers can be used to affect the behavior of the component:

NameEndpointMessageDescription
GAuthAuthorizeBinding.GAUTH_CALLBACKgauth:authorizeINOverrides the callback option.
GAuthAuthorizeBinding.GAUTH_SCOPEgauth:authorizeINOverrides the scope option.
GAuthUpgradeBinding.GAUTH_ACCESS_TOKENgauth:upgradeOUTContains the long-lived access token. This token should be stored by the applications in context of a user.
GAuthUpgradeBinding.GAUTH_ACCESS_TOKEN_SECRETgauth:upgradeOUTContains the access token secret. This token secret should be stored by the applications in context of a user.

Related topics

Google-specific OAuth