This sample demonstrates how to use Google Cloud Endpoints on Google App Engine Flexible Environment using Java.

$ mvn jetty:run

$ mvn gcloud:deploy

<?xml version="1.0" encoding="UTF-8"?>

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">

<modelVersion>4.0.0</modelVersion>

<packaging>war</packaging>

<version>1.0-SNAPSHOT</version>

<groupId>com.example.managedvms</groupId>

<artifactId>managed-vms-endpoints</artifactId>

<parent>

<artifactId>doc-samples</artifactId>

<groupId>com.google.cloud</groupId>

<version>1.0.0</version>

<relativePath>../..</relativePath>

</parent>

<dependencies>

<dependency>

<groupId>javax.servlet</groupId>

<artifactId>javax.servlet-api</artifactId>

<version>3.1.0</version>

<type>jar</type>

<scope>provided</scope>

</dependency>

<!-- Gson: Java to Json conversion -->

<dependency>

<groupId>com.google.code.gson</groupId>

<artifactId>gson</artifactId>

<version>2.6.2</version>

<scope>compile</scope>

</dependency>

</dependencies>

<build>

<!-- for hot reload of the web application -->

<outputDirectory>${project.build.directory}/${project.build.finalName}/WEB-INF/classes</outputDirectory>

<plugins>

<plugin>

<groupId>com.google.appengine</groupId>

<artifactId>gcloud-maven-plugin</artifactId>

<version>2.0.9.111.v20160527</version>

</plugin>

<plugin>

<groupId>org.apache.maven.plugins</groupId>

<artifactId>maven-war-plugin</artifactId>

<version>2.6</version>

<configuration>

<failOnMissingWebXml>false</failOnMissingWebXml>

</configuration>

</plugin>

<plugin>

<groupId>org.apache.maven.plugins</groupId>

<version>3.3</version>

<artifactId>maven-compiler-plugin</artifactId>

<configuration>

<source>1.7</source>

<target>1.7</target>

</configuration>

</plugin>

<plugin>

<groupId>org.eclipse.jetty</groupId>

<artifactId>jetty-maven-plugin</artifactId>

<version>9.3.8.v20160314</version>

</plugin>

</plugins>

</build>

</project>

FROM gcr.io/google_appengine/jetty9

ADD . /app

runtime: custom

vm: true

handlers:

- url: /.*

script: this field is required, but ignored

secure: always

beta_settings:

# Enable Google Cloud Endpoints API management.

use_endpoints_api_management: true

# Specify the Swagger API specification.

endpoints_swagger_spec_file: swagger.yaml

swagger: "2.0"

info:

description: "A simple Google Cloud Endpoints API example."

title: "Endpoints Example"

version: "1.0.0"

host: "YOUR-PROJECT-ID.appspot.com"

basePath: "/"

consumes:

- "application/json"

produces:

- "application/json"

schemes:

- "https"

paths:

"/echo":

post:

description: "Echo back a given message."

operationId: "echo"

produces:

- "application/json"

responses:

200:

description: "Echo"

schema:

$ref: "#/definitions/echoMessage"

parameters:

- description: "Message to echo"

in: body

name: message

required: true

schema:

$ref: "#/definitions/echoMessage"

"/auth/info/googlejwt":

get:

description: "Returns the requests' authentication information."

operationId: "auth_info_google_jwt"

produces:

- "application/json"

responses:

200:

description: "Authenication info."

schema:

$ref: "#/definitions/authInfoResponse"

x-security:

- google_jwt:

audiences:

# This must match the "aud" field in the JWT. You can add multiple

# audiences to accept JWTs from multiple clients.

- "echo.endpoints.sample.google.com"

"/auth/info/googleidtoken":

get:

description: "Returns the requests' authentication information."

operationId: "authInfoGoogleIdToken"

produces:

- "application/json"

responses:

200:

description: "Authenication info."

schema:

$ref: "#/definitions/authInfoResponse"

x-security:

- google_id_token:

audiences:

# Your OAuth2 client's Client ID must be added here. You can add

# multiple client IDs to accept tokens from multiple clients.

- "YOUR-CLIENT-ID"

definitions:

echoMessage:

properties:

message:

type: "string"

authInfoResponse:

properties:

id:

type: "string"

email:

type: "string"

security:

- api_key: []

securityDefinitions:

# This section configures basic authentication with an API key.

api_key:

type: "apiKey"

name: "key"

in: "query"

# This section configures authentication using Google API Service Accounts

# to sign a json web token. This is mostly used for server-to-server

# communication.

google_jwt:

authorizationUrl: ""

flow: "implicit"

type: "oauth2"

# This must match the 'iss' field in the JWT.

x-issuer: "jwt-client.endpoints.sample.google.com"

# Update this with your service account's email address.

x-jwks_uri: "https://www.googleapis.com/service_accounts/v1/jwk/YOUR-SERVICE-ACCOUNT-EMAIL"

# This section configures authentication using Google OAuth2 ID Tokens.

# ID Tokens can be obtained using OAuth2 clients, and can be used to access

# your API on behalf of a particular user.

google_id_token:

authorizationUrl: ""

flow: "implicit"

type: "oauth2"

x-issuer: "accounts.google.com"

x-jwks_uri: "https://www.googleapis.com/oauth2/v1/certs"

package com.example.managedvms.endpoints;

import java.io.IOException;

import java.io.PrintWriter;

import java.util.Base64;

import javax.servlet.annotation.WebServlet;

import javax.servlet.http.HttpServlet;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

import com.google.gson.Gson;

import com.google.gson.JsonObject;

@WebServlet("/auth/info/*")

public class AuthInfoServlet extends HttpServlet {

@Override

public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {

String encodedInfo = req.getHeader("X-Endpoint-API-UserInfo");

if (encodedInfo == null || encodedInfo == "") {

JsonObject anon = new JsonObject();

anon.addProperty("id", "anonymous");

new Gson().toJson(anon, resp.getWriter());

return;

}

try {

byte[] authInfo = Base64.getDecoder().decode(encodedInfo);

resp.getOutputStream().write(authInfo);

} catch (IllegalArgumentException iae) {

resp.setStatus(HttpServletResponse.SC_BAD_REQUEST);

JsonObject error = new JsonObject();

error.addProperty("code", HttpServletResponse.SC_BAD_REQUEST);

error.addProperty("message", "Could not decode auth info.");

new Gson().toJson(error, resp.getWriter());

}

}

}

package com.example.managedvms.endpoints;

import java.io.IOException;

import java.io.InputStream;

import java.io.OutputStream;

import java.util.Map;

import javax.servlet.annotation.WebServlet;

import javax.servlet.http.HttpServlet;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

import com.google.gson.Gson;

import com.google.gson.JsonObject;

import com.google.gson.JsonParseException;

import com.google.gson.stream.JsonReader;

@WebServlet("/echo")

public class EchoServlet extends HttpServlet {

@Override

public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {

resp.addHeader("Content-Encoding", "application/json");

Object responseBody;

try {

JsonReader jsonReader = new JsonReader(req.getReader());

responseBody = new Gson().fromJson(jsonReader, Map.class);

} catch (JsonParseException je) {

resp.setStatus(HttpServletResponse.SC_BAD_REQUEST);

JsonObject error = new JsonObject();

error.addProperty("code", HttpServletResponse.SC_BAD_REQUEST);

error.addProperty("message", "Body was not valid JSON.");

responseBody = error;

}

new Gson().toJson(responseBody, resp.getWriter());

}

}