I've just created my own custom authentication on my google app engine Java app. And it wasn't that much of a trouble as is the next thing I'm trying to do.

Authentication works fine but now I'm trying to add some additional fields to the default User object so that I wouldn't have to make so many calls to the server.

So what I've done so far is created a custom class that implements Authenticator. Based on whether the user is authenticated or not the authenticate method returns the User object or null. User object is then accessible to my API endpoints.

To extend my app functionality I've tried extending the default User object, making some new fields, and then passing it to endpoints. However, since the User object accessible by endpoints is not the same kind as the one I extended from I can't get the extra fields.

MyAuthenticator.java

import com.google.api.server.spi.auth.common.User;

public class MyAuthenticator implements Authenticator {

@Override
public User authenticate(HttpServletRequest request) {
    // some code
    return new AuthUser(...)
}

AuthUser.java

import com.google.api.server.spi.auth.common.User;

public class AuthUser extends User {
private String newToken;

public AuthUser(String email) {
    super(email);
}

public AuthUser(String id, String email) {
    super(id, email);
}

public AuthUser(String id, String email, String newToken) {
    super(id, email);
    this.newToken = newToken;
}

public String getNewToken() {
    return newToken;
}
}

UserEndpoint.java

import com.google.appengine.api.users.User;

@Api(authenticators = MyAuthenticator.class)
public class UserEndpoint {
@ApiMethod(httpMethod = "GET")
public final Response sth(User user)
        throws UnauthorizedException {
    EndpointUtil.throwIfNotAuthenticated(user);
    // ...
}

Notice different class imports.

I can't use AuthUser in UserEndpoint sth method because then API expects me to post that object with my call to server.

How can I pass extra data from authenticator to my endpoint method?