Note that if there is no currently logged-in user, #getUserId(HttpServletRequest) will
throw a NullPointerException. Example to require login for all pages:
@Override
protected AuthorizationCodeFlow initializeFlow() throws IOException {
return new AuthorizationCodeFlow.Builder(BearerToken.authorizationHeaderAccessMethod(),
new UrlFetchTransport(),
new GsonFactory(),
new GenericUrl("https://server.example.com/token"),
new BasicAuthentication("s6BhdRkqt3", "7Fjfp0ZBr1KtDRbnfVdmIw"),
"s6BhdRkqt3",
"https://server.example.com/authorize").setCredentialStore(new AppEngineCredentialStore())
.build();
}
}
Note that if there is no currently logged-in user, #getUserId(HttpServletRequest) will
throw a NullPointerException. Example to require login for all pages:
publicclassServletSampleextendsAbstractAppEngineAuthorizationCodeServlet{@OverrideprotectedvoiddoGet(HttpServletRequestrequest,HttpServletResponseresponse)throwsIOException{// do stuff}@OverrideprotectedStringgetRedirectUri(HttpServletRequestreq)throwsServletException,IOException{GenericUrlurl=newGenericUrl(req.getRequestURL().toString());url.setRawPath("/oauth2callback");returnurl.build();}@OverrideprotectedAuthorizationCodeFlowinitializeFlow()throwsIOException{returnnewAuthorizationCodeFlow.Builder(BearerToken.authorizationHeaderAccessMethod(),newUrlFetchTransport(),newGsonFactory(),newGenericUrl("https://server.example.com/token"),newBasicAuthentication("s6BhdRkqt3","7Fjfp0ZBr1KtDRbnfVdmIw"),"s6BhdRkqt3","https://server.example.com/authorize").setCredentialStore(newAppEngineCredentialStore()).build();}}
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-07 UTC."],[],[],null,["# Package com.google.api.client.extensions.appengine.auth.oauth2.jakarta (1.39.0)\n\nVersion latestkeyboard_arrow_down\n\n- [1.39.0 (latest)](/java/docs/reference/google-oauth-client/latest/com.google.api.client.extensions.appengine.auth.oauth2.jakarta)\n- [1.38.2](/java/docs/reference/google-oauth-client/1.38.2/com.google.api.client.extensions.appengine.auth.oauth2.jakarta)\n- [1.37.0](/java/docs/reference/google-oauth-client/1.37.0/com.google.api.client.extensions.appengine.auth.oauth2.jakarta)\n- [1.36.0](/java/docs/reference/google-oauth-client/1.36.0/com.google.api.client.extensions.appengine.auth.oauth2.jakarta)\n- [1.34.1](/java/docs/reference/google-oauth-client/1.34.1/com.google.api.client.extensions.appengine.auth.oauth2.jakarta)\n- [1.33.3](/java/docs/reference/google-oauth-client/1.33.3/com.google.api.client.extensions.appengine.auth.oauth2.jakarta)\n- [1.32.1](/java/docs/reference/google-oauth-client/1.32.1/com.google.api.client.extensions.appengine.auth.oauth2.jakarta) \nOAuth 2.0 utilities that help simplify the authorization flow on Google App Engine. This package\nuses the `jakarta.servlet` namespace.\n\nClasses\n-------\n\n### [AbstractAppEngineAuthorizationCodeCallbackServlet](/java/docs/reference/google-oauth-client/latest/com.google.api.client.extensions.appengine.auth.oauth2.jakarta.AbstractAppEngineAuthorizationCodeCallbackServlet)\n\nSimple extension of [AbstractAuthorizationCodeCallbackServlet](/java/docs/reference/google-oauth-client/latest/com.google.api.client.extensions.servlet.auth.oauth2.jakarta.AbstractAuthorizationCodeCallbackServlet) that uses the currently\nlogged-in Google Account user, as directed in [Security\nand Authentication](https://cloud.google.com/appengine/docs/standard/java/config/webxml#security-auth). This uses the `jakarta.servlet` namespace.\n\nNote that if there is no currently logged-in user, [#getUserId(HttpServletRequest)](/java/docs/reference/google-oauth-client/latest/com.google.api.client.extensions.appengine.auth.oauth2.jakarta.AbstractAppEngineAuthorizationCodeCallbackServlet#com_google_api_client_extensions_appengine_auth_oauth2_jakarta_AbstractAppEngineAuthorizationCodeCallbackServlet_getUserId_jakarta_servlet_http_HttpServletRequest_) will\nthrow a NullPointerException. Example to require login for all pages:\n\n\\\u003csecurity-constraint\\\u003e\n\\\u003cweb-resource-collection\\\u003e\n\\\u003cweb-resource-name\\\u003eany\\\u003c/web-resource-name\\\u003e\n\\\u003curl-pattern\\\u003e/*\\\u003c/url-pattern\\\u003e\n\\\u003c/web-resource-collection\\\u003e\n\\\u003cauth-constraint\\\u003e\n\\\u003crole-name\\\u003e*\\\u003c/role-name\\\u003e\n\\\u003c/auth-constraint\\\u003e\n\\\u003c/security-constraint\\\u003e\n\nSample usage:\n\n{@code\npublic class ServletCallbackSample extends AbstractAppEngineAuthorizationCodeCallbackServlet {\n\n@Override\nprotected void onSuccess(HttpServletRequest req, HttpServletResponse resp, Credential credential)\nthrows ServletException, IOException {\nresp.sendRedirect(\"/\");\n}\n\n@Override\nprotected void onError(\nHttpServletRequest req, HttpServletResponse resp, AuthorizationCodeResponseUrl errorResponse)\nthrows ServletException, IOException {\n// handle error\n}\n\n@Override\nprotected String getRedirectUri(HttpServletRequest req) throws ServletException, IOException {\nGenericUrl url = new GenericUrl(req.getRequestURL().toString());\nurl.setRawPath(\"/oauth2callback\");\nreturn url.build();\n}\n\n@Override\nprotected AuthorizationCodeFlow initializeFlow() throws IOException {\nreturn new AuthorizationCodeFlow.Builder(BearerToken.authorizationHeaderAccessMethod(),\nnew UrlFetchTransport(),\nnew GsonFactory(),\nnew GenericUrl(\"\u003chttps://server.example.com/token\u003e\"),\nnew BasicAuthentication(\"s6BhdRkqt3\", \"7Fjfp0ZBr1KtDRbnfVdmIw\"),\n\"s6BhdRkqt3\",\n\"\u003chttps://server.example.com/authorize\").setCredentialStore(new\u003e AppEngineCredentialStore())\n.build();\n}\n}\n\n@since 1.36.0\n\n### [AbstractAppEngineAuthorizationCodeServlet](/java/docs/reference/google-oauth-client/latest/com.google.api.client.extensions.appengine.auth.oauth2.jakarta.AbstractAppEngineAuthorizationCodeServlet)\n\nSimple extension of [AbstractAuthorizationCodeServlet](/java/docs/reference/google-oauth-client/latest/com.google.api.client.extensions.servlet.auth.oauth2.jakarta.AbstractAuthorizationCodeServlet) that uses the currently logged-in\nGoogle Account user, as directed in [Security\nand Authentication](https://cloud.google.com/appengine/docs/standard/java/config/webxml#security-auth). This uses the `jakarta.servlet` namespace.\n\nNote that if there is no currently logged-in user, [#getUserId(HttpServletRequest)](/java/docs/reference/google-oauth-client/latest/com.google.api.client.extensions.appengine.auth.oauth2.jakarta.AbstractAppEngineAuthorizationCodeServlet#com_google_api_client_extensions_appengine_auth_oauth2_jakarta_AbstractAppEngineAuthorizationCodeServlet_getUserId_jakarta_servlet_http_HttpServletRequest_) will\nthrow a NullPointerException. Example to require login for all pages:\n\n\\\u003csecurity-constraint\\\u003e\n\\\u003cweb-resource-collection\\\u003e\n\\\u003cweb-resource-name\\\u003eany\\\u003c/web-resource-name\\\u003e\n\\\u003curl-pattern\\\u003e/*\\\u003c/url-pattern\\\u003e\n\\\u003c/web-resource-collection\\\u003e\n\\\u003cauth-constraint\\\u003e\n\\\u003crole-name\\\u003e*\\\u003c/role-name\\\u003e\n\\\u003c/auth-constraint\\\u003e\n\\\u003c/security-constraint\\\u003e\n\nSample usage: \n\n\n public class ServletSample extends AbstractAppEngineAuthorizationCodeServlet {\n\n @Override\n protected void doGet(HttpServletRequest request, HttpServletResponse response)\n throws IOException {\n // do stuff\n }\n\n @Override\n protected String getRedirectUri(HttpServletRequest req) throws ServletException, IOException {\n GenericUrl url = new GenericUrl(req.getRequestURL().toString());\n url.setRawPath(\"/oauth2callback\");\n return url.build();\n }\n\n @Override\n protected AuthorizationCodeFlow initializeFlow() throws IOException {\n return new AuthorizationCodeFlow.Builder(BearerToken.authorizationHeaderAccessMethod(),\n new UrlFetchTransport(),\n new GsonFactory(),\n new GenericUrl(\"https://server.example.com/token\"),\n new BasicAuthentication(\"s6BhdRkqt3\", \"7Fjfp0ZBr1KtDRbnfVdmIw\"),\n \"s6BhdRkqt3\",\n \"https://server.example.com/authorize\").setCredentialStore(new AppEngineCredentialStore())\n .build();\n }\n }"]]