We are going to build user login using Spring's OAuth2 Client dependency. I am using Java SE 21 and Spring Boot 3.4.1.
I referred to Dan Vega's YouTube video for this demonstration.
Let's start...
Step 1: We need two dependencies for this project in our pom.xml: Spring Web and OAuth2 Client
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-oauth2-client</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-web</artifactId>
</dependency>
Step 2: Let's create a RestController for the public and secured endpoints as shown below.
package com.sky.cob_service.controller;

import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class COBController {

    @GetMapping("/")
    public String cobHome() {
        return "Welcome to COB Public Home Page";
    }

    @GetMapping("/COBPrivateHome")
    public String cobPrivateHome() {
        return "Welcome to COB Private Home Page";
    }
}
One thing to note here is that Spring Security ends up on the classpath because we included the OAuth2 Client dependency. Hence, when we start the application, we get Spring Security's plain default login screen.
Step 3: To override the default username and password of Spring Security we need to create a custom Spring Security Configuration.
package com.sky.cob_service.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
@EnableWebSecurity
public class COBSecurityConfig {

    @Bean
    SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        return http
                .authorizeHttpRequests(auth -> {
                    // Only the public home page is open; everything else needs a login
                    auth.requestMatchers("/").permitAll();
                    auth.anyRequest().authenticated();
                })
                // Offer both GitHub OAuth2 login and username/password form login
                .oauth2Login(Customizer.withDefaults())
                .formLogin(Customizer.withDefaults())
                .build();
    }
}
Step 4: To configure GitHub OAuth login in our application, we first create a secret by logging in to our GitHub account and navigating to the path below.
Create a secret and fill in the homepage URL and callback URL as below.
Note: The callback URL must be used exactly as it is.
Step 5: The last step is to provide the client-id and client-secret created in Step 4 for GitHub OAuth in our application.properties file.
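server.port=8763
# TRACE output from Spring Security is very verbose; use it for local debugging only
logging.level.org.springframework.security=TRACE
# GitHub login: fill in the values created in Step 4 and keep the real secret out of version control
spring.security.oauth2.client.registration.github.client-id=
spring.security.oauth2.client.registration.github.client-secret=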
Finally, to test that everything is working, open the localhost:8763 URL and you will get your public home page by default.
Now, try hitting the secured private endpoint mentioned in the RestController.
http://localhost:8763/COBPrivateHome
It will redirect you to the login page showing both the password-based and the GitHub OAuth-based login methods.
Go ahead with the GitHub login and you will see the private home page content displayed once you are logged in via your GitHub Account.
Thanks for reading till the end. See you in the next one!