Backend need for same cases to validate that Google access token provided by third application (mobile or front) is ok.
To do this task, we need same dependencies

  1. <dependency>
  2.     <groupId>com.google.http-client</groupId>
  3.     <artifactId>google-http-client</artifactId>
  4.     <version>1.19.0</version>
  5. </dependency>
  6.  
  7. <dependency>
  8.     <groupId>com.google.http-client</groupId>
  9.     <artifactId>google-http-client-jackson2</artifactId>
  10.     <version>1.19.0</version>
  11. </dependency>
  12.  
  13. <dependency>
  14.     <groupId>com.google.api-client</groupId>
  15.     <artifactId>google-api-client</artifactId>
  16.     <version>1.19.1</version>
  17. </dependency>
  18.  
  19. <dependency>
  20.     <groupId>com.google.apis</groupId>
  21.     <artifactId>google-api-services-plus</artifactId>
  22.     <version>v1-rev165-1.19.0</version>
  23. </dependency>

and use this code to get the Person object

  1. GoogleCredential credential = new GoogleCredential().setAccessToken("blablabla");
  2.  
  3. Plus plus = new Plus.Builder(GoogleNetHttpTransport.newTrustedTransport(), JacksonFactory.getDefaultInstance(), credential).build();
  4.  
  5. Person profile = plus.people().get("me").execute();
  6. System.out.println("ID: " + profile.getId());
  7. System.out.println("Name: " + profile.getDisplayName());
  8. System.out.println("Image URL: " + profile.getImage().getUrl());
  9. System.out.println("Profile URL: " + profile.getUrl());
  10. System.out.println("Emails: "+profile.getEmails());

You need now to validate that the Id provided is equal to what google return and email exist in profile.getEmails() list.