How to handle authentication callback?

I am developing a web application in java. I am using personal domain appspot (googleappengine). I have implemented 3-legged OAuth. And the authentication is working fine.

The problem here is at the first run of application. Though, I am logged in my gmail, it doesn't detect username. And it redirects to login page. After getting logged in, I am getting the data available in appspot datastore. But, I cannot append that data to my home page :(

My code is like :

• Ajax Call of First Request Servlet (home.html) :

      $(document).ready(function(){
          jQuery.ajax({
              type: "get",
              url: "http://searcegadget2.appspot.com/RequestTokenServlet",
              success: function(msg){
                  if(msg.search('tr') != -1){
                      id = msg.split('</tr>').length - 1;
                      $('#gadget').css('display', 'block');
                      $("tbody").append(msg);
                      difference();
                  }else if(msg.search('form') != -1){
                      $('#gadget').css('display', 'none');
   开发者_开发知识库                   document.write(msg);
                  }else if(msg.search('http') != -1){
                      $('#gadget').css('display', 'none');
                      document.location = msg;
                  }
              },error: function(XMLHttpRequest, textStatus, errorThrown){
                  //alert(XMLHttpRequest.responseText);
              }
          });
      });
  

My table div id is #gadget & it has block block display. And as you can see, I have also set the OAuth Callback Parameter to home.html

• RequestTokenServlet.java Code :

  GoogleOAuthParameters oauthParameters = new GoogleOAuthParameters();
  oauthParameters.setOAuthConsumerKey(CONSUMER_KEY);
  oauthParameters.setOAuthConsumerSecret(CONSUMER_SECRET);
  oauthParameters.setScope("https://spreadsheets.google.com/feeds/");
  oauthParameters.setOAuthCallback("http://searcegadget2.appspot.com/home.html");
  oauthParameters.setOAuthType(OAuthParameters.OAuthType.THREE_LEGGED_OAUTH);
  
  UserService userService = UserServiceFactory.getUserService();
  if (userService.isUserLoggedIn()) {
      //fetch row
  } else {
      out.print(userService.createLoginURL(request.getRequestURI()));
  }
  

I mean, the appspot returns the html table row, & it displays the row only in any browser. While I want that row get appended to my home page table, but I can't.

Also, this happens only when I loggin first time. Later when I through my application url again, it returns the homepage with the row appended to table ! But, the issue repeats when I restart the browser !

I want the second screen to be displayed at first call.

How do I solve this issue ? Is there any other way to check if the user is login or not in Java ?

It is normal that your GAE app does not detect that you are not logged into google.

If it could then any GAE site could login all gmail users automatically without their consent. The OpenID/OAuth does not work like this - it requires the user interaction by design for security reasons.

Update:

If user is not logged in then userService.isUserLoggedIn() returns false so I suppose no HTML table is returned.

By the way if user is not logged in you should redirect them to Google login page:

response.sendRedirect(userService.createLoginURL(req.getRequestURI()));