Google oauth client - Callback over https

Question

I'm using google-oauth-java-client library to authenticate against a NetIQ Identity provider. The authorization request reaches the IdP, however it doesn't accept the Callback over HTTP:

<amLogEntry> 2016-08-11T19:02:26Z WARNING NIDS Session Logger:
 com.novell.nam.nidp.oauth.core.helpers.OAuth2AuthorizationRequest:
 http://localhost/callback - redirection url must be https
</amLogEntry>

Is there a way to set up a Callback url using https? Here is the java code that is requesting the authorization grant:

LocalServerReceiver receiver = new LocalServerReceiver.Builder()
   .setHost(OAuth2ClientCredentials.DOMAIN)
   .setPort(OAuth2ClientCredentials.PORT).build();
return new AuthorizationCodeInstalledApp(flow, receiver).authorize("user");

Looks like you'll need a self-signed SSL certificate, but I don't know enough Java to help beyond that. — neverendingqs, Aug 25 '16 at 20:12

score 0 · Answer 1 · answered Jan 19 '17 at 10:40

You can follow these instructions to create a keystore file and self-signed certificate. Note, that you would have to set sslProtocol value to version of TLS you are going to use.
Additionally, you might have to generate a truststore and add google certificate to it. The truststore basically holds certificates that you trust (obviously). To generate truststore you can use same command as in the link above. To add that truststore to your tomcat to would have to add these:

truststoreFile="${user.home}/truststore"
truststorePass="changeit"

to your connector configuration.

Google oauth client - Callback over https

1 Answers1