Google Plus - GateIn Portal 3.8

Google+ is another well-known popular social network. It also supports OAuth 2.0 protocol similarly like Facebook. Integration with GateIn Portal consists of two main parts:

Registration of GateIn Portal application on Google
GateIn Portal configuration

Registration of portal application on Google

These instructions assume that your host is server.local.network.com as described in Basic integration steps.

Main google page for developers is https://developers.google.com/. From this page, you can go to API console and Register as Google developer if you didn't that already
Click on Create new application and choose some Application name like gatein_google_app (note that it's unique for whole world)
In services tab, you will need to enable Google+ API (See screenshot)

Selection of Google+ API
In API Access tab, you need to click on Create new OAuth 2.0 client
In first screen, you need to fill name of product (you can choose any name you want)
In another screen, you need to configure application type as Web application. In section Authorized Redirect URIs you can add more URIs, which will be used as callbacks (returning URIs from Google+ application). For now, it's sufficient to add only http://server.local.network.com:8080/portal/googleAuth

Google client ID registration
After finish this process, you will see the screen with your Client ID, Client secret and Redirect URIs. Those values will be used later during GateIn Portal configuration.

Google application registration summary

Actually the process is also described in more details in Google+ documentation

Portal configuration

On portal side, you need to change file configuration.properties and configure properties in Google+ section like:

## Google
gatein.oauth.google.enabled=true
gatein.oauth.google.clientId=397260572677.apps.googleusercontent.com
gatein.oauth.google.clientSecret=pOWDqdu57CjplhrMmkrgcia5
gatein.oauth.google.redirectURL=${gatein.oauth.portal.url}/@@portal.container.name@@/googleAuth
gatein.oauth.google.scope=https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile
gatein.oauth.google.accessType=offline

Description of properties:

gatein.oauth.google.enabled - This will enable integration with Google. Users will now be able to login and register with Google+
gatein.oauth.google.clientId - Client ID of your application. This comes from registration on Google as described in previous section
gatein.oauth.google.clientSecret - Client Secret of your application. This comes from registration on Google as described in previous section. Note that client secret should be kept secret and it shouldn't be shared among your portal users or other people.
gatein.oauth.google.redirectURL - URL, which will be used by Google to redirect after user confirms Google+ authorization screen (Step 3 of Registration flow). Normally you don't need to change this value as long as you changed property gatein.oauth.portal.url as described in Basic integration steps .
gatein.oauth.google.scope - Scopes represents permission, which are required on Google authorization screen from users. This list of scopes will be used during user registration or authentication to GateIn Portal (portlet applications may require more scopes if they need it). It's recommended to not change this value and keep value https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile. Alternatively you can:
- Use either only https://www.googleapis.com/auth/userinfo.email or https://www.googleapis.com/auth/userinfo.profile . In both cases, user will be able to login into GateIn Portal, but some informations won't be obtained from Google, so GateIn Portal registration dialog won't be fully completed.
- Use more values - you can use more values, especially you can add value https://www.googleapis.com/auth/plus.login. However it's bigger chance that users won't let your GateIn Portal application to access their informations. Having plus.login scope is useful only for portlet quickstart applications, but it's not necessary as quickstart portlets will be still able to ask user for necessary scope. It's just little more user friendly for some quickstart portlets (GoogleActivitiesPortlet and GoogleFriendsPortlet) . But if you plan to use Google+ just for login (not using portlet applications), the scope https://www.googleapis.com/auth/plus.login is definitely not needed.
gatein.oauth.google.accessType - You can use value offline or online here. Our default value is offline, which means that your access token can be used even if you are not logged in Google+ . It can be also refreshed, which is done automatically by GateIn Portal. More info about access types is here .

After restart of GateIn Portal, your users should be able to register or login with their Google accounts as described in UI flows .