OAuth2 Spring Boot GitHub Authentication


Jan 18, 2025 - 19:28

We are going to create user login functionality using the OAuth2 dependency of Spring. I am using Java SE 21 and Spring version 3.4.1.

I referred to Dan Vega's YouTube video for this demonstration.

Let's start...

Step 1: We need two dependencies for this project in our pom.xml: Spring Web and OAuth2 Client


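        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-oauth2-client</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>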

Step 2: Let's create a RestController for the public and secured endpoints as shown below.

package com.sky.cob_service.controller;

import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class COBController {

    @GetMapping("/")
    public String cobHome() {
        return "Welcome to COB Public Home Page";
    }
    @GetMapping("/COBPrivateHome")
    public String cobPrivateHome() {
        return "Welcome to COB Private Home Page";
    }
}

One thing to note here is that Spring Security ends up on the classpath of this application because we included the OAuth2 client dependency. Hence, when we start the application, we get the plain login screen below by default.

Spring Security Default Login Screen

Step 3: To override the default username and password of Spring Security we need to create a custom Spring Security Configuration.

package com.sky.cob_service.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
@EnableWebSecurity
public class COBSecurityConfig {

    @Bean
    SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        return http
                .authorizeHttpRequests(auth -> {
                    auth.requestMatchers("/").permitAll();
                    auth.anyRequest().authenticated();
                })
                .oauth2Login(Customizer.withDefaults())
                .formLogin(Customizer.withDefaults())
                .build();
    }
}

Spring Security Configuration Code
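
Because this filter chain enables both oauth2Login and formLogin, a handler can receive two different kinds of Authentication. The controller below is an added example, not code from the original post; the class name COBWhoAmIController and the /COBWhoAmI path are hypothetical.

```java
package com.sky.cob_service.controller;

import java.util.Map;

import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

// Added example: hypothetical controller, not part of the original project.
@RestController
public class COBWhoAmIController {

    // "/COBWhoAmI" is not listed under permitAll(), so anyRequest().authenticated()
    // applies and the Authentication argument is never anonymous here.
    @GetMapping("/COBWhoAmI")
    public Map<String, String> whoAmI(Authentication authentication) {
        if (authentication instanceof OAuth2AuthenticationToken oauth) {
            // Registration id is "github" for the registration set in application.properties.
            String provider = oauth.getAuthorizedClientRegistrationId();
            // For GitHub, getName() is the numeric account id; the account name
            // is carried in the "login" attribute of the user-info response.
            String login = oauth.getPrincipal().getAttribute("login");
            return Map.of(
                    "method", "oauth2:" + provider,
                    "subject", oauth.getName(),
                    "login", login == null ? "" : login);
        }
        // Form login path: the principal is a local username, not a GitHub identity.
        return Map.of(
                "method", "form",
                "subject", authentication.getName());
    }
}
```

Authorization decisions that depend on a GitHub identity should check the OAuth2 branch explicitly, since a form-login user reaches the same endpoints through this chain.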

Step 4: To configure GitHub OAuth login in our application, we first create a secret by logging in to our GitHub account and navigating to the path below.

GitHub OAuth Settings Path

Create a secret and fill in the details for the homepage URL and callback URL as shown below.

Note: The callback URL must be used exactly as it is.

Callback URL Settings

Step 5: The last step is to provide the client-id and client-secret created in Step 4 for GitHub OAuth in our application.properties file.

server.port=8763

logging.level.org.springframework.security=TRACE

#github login
spring.security.oauth2.client.registration.github.client-id=
spring.security.oauth2.client.registration.github.client-secret=

Finally, let's test that everything is working. Open the localhost:8763 URL and you will get the public home page by default.

Public Home Page

Now, try hitting the secured private endpoint mentioned in the RestController.

http://localhost:8763/COBPrivateHome

It will redirect you to the login page, which shows both the password-based and the GitHub OAuth-based login methods.

Login Page

Go ahead with the GitHub login and you will see the private home page content displayed once you are logged in via your GitHub Account.

Login Page of GitHub

Login Success
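
The manual checks above can also be pinned down as an automated test, so a later change to the matcher rules cannot silently expose the private endpoint. This is an added example, not part of the original project; it assumes spring-boot-starter-test and spring-security-test are on the test classpath, that the application class lives in com.sky.cob_service, and it uses placeholder client credentials.

```java
package com.sky.cob_service;

import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.oauth2Login;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;

import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.test.web.servlet.MockMvc;

// Added example. The credentials are placeholders: these tests never call GitHub.
@SpringBootTest(properties = {
        "spring.security.oauth2.client.registration.github.client-id=test-client-id",
        "spring.security.oauth2.client.registration.github.client-secret=test-client-secret"
})
@AutoConfigureMockMvc
class COBSecurityConfigTest {

    @Autowired
    private MockMvc mockMvc;

    @Test
    void publicHomeNeedsNoLogin() throws Exception {
        mockMvc.perform(get("/"))
                .andExpect(status().isOk())
                .andExpect(content().string("Welcome to COB Public Home Page"));
    }

    @Test
    void privateHomeRedirectsAnonymousUsers() throws Exception {
        // No session: the request is sent to a login entry point instead of the controller.
        mockMvc.perform(get("/COBPrivateHome"))
                .andExpect(status().is3xxRedirection());
    }

    @Test
    void privateHomeIsServedAfterOAuth2Login() throws Exception {
        // oauth2Login() installs a mock OAuth2AuthenticationToken for this request.
        mockMvc.perform(get("/COBPrivateHome").with(oauth2Login()))
                .andExpect(status().isOk())
                .andExpect(content().string("Welcome to COB Private Home Page"));
    }

    @Test
    void unmappedPathsAreNotPublic() throws Exception {
        // anyRequest().authenticated() is evaluated before handler lookup, so no 404 leaks.
        mockMvc.perform(get("/does-not-exist"))
                .andExpect(status().is3xxRedirection());
    }
}
```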

Thanks for reading till the end. See you in the next one!