Add optional Google Sign In in my Spring Boot + Security + web Application -
i working on spring boot web application. have working registration , login system using spring security custom userdetailservice.
now want add register-login system using google accounts. created google api keys , added them application.properties
. think not necessary use .yml propertie files here:
# =============================== # = oauth2 # =============================== security.oauth2.client.client-id=clientid here security.oauth2.client.client-secret=clientsecret here security.oauth2.client.access-token-uri=https://www.googleapis.com/oauth2/v3/token security.oauth2.client.user-authorization-uri=https://accounts.google.com/o/oauth2/auth security.oauth2.client.token-name=oauth_token security.oauth2.client.authentication-scheme=query security.oauth2.client.client-authentication-scheme=form security.oauth2.client.scope=profile security.oauth2.resource.user-info-uri=https://www.googleapis.com/userinfo/v2/me security.oauth2.resource.prefer-token-info=false
i added oauth2 support spring boot application on way:
@springbootapplication @enableoauth2sso public class webapplication { public static void main(string[] args) { springapplication.run(webapplication.class, args); } }
now want keep posibility login using google or login using website account, found manuals unique login or multiple providers login (facebook, google, twitter..)
in springsecurity configuration class have this. think have create authenticationprovider google , link google access url in app, confused yet this:
@autowired public void configureglobal(authenticationmanagerbuilder auth) throws exception { /** * obtenemos informaciĆ³n de persistencia */ // @formatter:off auth //.authenticationprovider(googleoauth2authprovider()) .userdetailsservice(userdetailsservice) .passwordencoder(bcryptpasswordencoder); // @formatter:on } ... @override protected void configure(httpsecurity http) throws exception { string[] anonymousrequest = { urls}; http .authorizerequests() //..other rules
you have use composite filter in configure desired authentication providers, example:
private filter ssofilter() { compositefilter filter = new compositefilter(); list<filter> filters = new arraylist<>(); filters.add(ssofilter(facebook(), "/login/facebook")); filters.add(ssofilter(google(), "/login/google")); filter.setfilters(filters); return filter; } private filter ssofilter(clientresources client, string path) { oauth2clientauthenticationprocessingfilter oauth2clientauthenticationfilter = new oauth2clientauthenticationprocessingfilter( path); oauth2resttemplate oauth2resttemplate = new oauth2resttemplate(client.getclient(), oauth2clientcontext); oauth2clientauthenticationfilter.setresttemplate(oauth2resttemplate); userinfotokenservices tokenservices = new userinfotokenservices(client.getresource().getuserinfouri(), client.getclient().getclientid()); tokenservices.setresttemplate(oauth2resttemplate); oauth2clientauthenticationfilter.settokenservices(tokenservices); return oauth2clientauthenticationfilter; }
where:
@bean @configurationproperties("google") public clientresources google() { return new clientresources(); } @bean @configurationproperties("facebook") public clientresources facebook() { return new clientresources(); }
and:
class clientresources { @nestedconfigurationproperty private authorizationcoderesourcedetails client = new authorizationcoderesourcedetails(); @nestedconfigurationproperty private resourceserverproperties resource = new resourceserverproperties(); public authorizationcoderesourcedetails getclient() { return client; } public resourceserverproperties getresource() { return resource; } }
finally, add filter before basicauthenticationfilter in http security config:
@override protected void configure(httpsecurity http) throws exception { string[] anonymousrequest = { urls}; http .authorizerequests() //..other rules addfilterbefore(ssofilter(), basicauthenticationfilter.class);
ps: configuration properties has start value specified in @configurationproperties("facebook")
:
facebook: client: clientid: yourcliendid clientsecret: yourclientsecret accesstokenuri: https://graph.facebook.com/oauth/access_token userauthorizationuri: https://www.facebook.com/dialog/oauth tokenname: oauth_token authenticationscheme: query registeredredirecturi: http://localhost:8083/app.html preestablishedredirecturi: http://localhost:8083/app.html clientauthenticationscheme: form resource: userinfouri: https://graph.facebook.com/me
this inspired example presented here: https://github.com/spring-guides/tut-spring-boot-oauth2/tree/master/github
Comments
Post a Comment