Spring Boot - Spring Security - GitHub OAuth2 Login - Example

Hello everyone, Today we are going to learn how to integrate the GitHub OAuth2 Sign-In by utilizing the Spring Boot application.

More Spring Security examples:


1. Log in to GitHub: https://github.com/settings/apps

2. Navigate to the OAuth apps section on the left menu, and select New OAuth App


3. Then, provide Application name, Home Page URL, Authorization callback URL, and register application

4. After clicking the register button, System will generate the Client ID and Client Secret.
Now we have successfully created the auth client in the GitHub


Creating a Simple Web Application

Now we are going to develop a simple web application using Spring Security and GitHub OAuth2

Project Structure:


Project Dependency(pom.xml)

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" 
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 
   https://maven.apache.org/xsd/maven-4.0.0.xsd">
   <modelVersion>4.0.0</modelVersion>
   <parent>
      <groupId>org.springframework.boot</groupId>
      <artifactId>spring-boot-starter-parent</artifactId>
      <version>2.5.4</version>
      <relativePath/> <!-- lookup parent from repository -->
   </parent>
   <groupId>com.knf.dev.demo</groupId>
   <artifactId>springoauth2-github</artifactId>
   <version>0.0.1-SNAPSHOT</version>
   <name>springoauth2-github</name>
   <description>Demo project for Spring Boot</description>
   <properties>
      <java.version>11</java.version>
   </properties>
   <dependencies>
      <dependency>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-oauth2-client</artifactId>
      </dependency>
      <dependency>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-security</artifactId>
      </dependency>
      <dependency>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-thymeleaf</artifactId>
      </dependency>
      <dependency>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-web</artifactId>
      </dependency>
      <dependency>
         <groupId>org.thymeleaf.extras</groupId>
         <artifactId>thymeleaf-extras-springsecurity5</artifactId>
      </dependency>

      <dependency>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-test</artifactId>
         <scope>test</scope>
      </dependency>
      <dependency>
         <groupId>org.springframework.security</groupId>
         <artifactId>spring-security-test</artifactId>
         <scope>test</scope>
      </dependency>
   </dependencies>

   <build>
      <plugins>
         <plugin>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-maven-plugin</artifactId>
         </plugin>
      </plugins>
   </build>
</project>


Enable GitHub Sign-in

We need to configure the generated client credentials to the "application.yaml" file.
spring:
  security:
    oauth2:
      client:
        registration:
          github:
            clientId: <client-id>
            clientSecret: <client-secret>


Create Spring Web Mvc Configurer  (WebMvcConfig.java)

package com.knf.dev.demo.springoauth2github.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

@Configuration
public class WebMvcConfig implements WebMvcConfigurer {

    @Override
    public void addViewControllers(ViewControllerRegistry registry){
        registry.addViewController("/").setViewName("index");
        registry.addViewController("/index").setViewName("index");
    }
}



Create Spring  Security Configurer Adapter (SecurityConfig.java)

package com.knf.dev.demo.springoauth2github.config;

import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.
        configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.
        configuration.WebSecurityConfigurerAdapter;

@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    public void configure(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.csrf().disable().antMatcher("/**").authorizeRequests()
                .antMatchers("/","/index").authenticated()
                .anyRequest().authenticated()
                .and()
                .oauth2Login().permitAll()
                .and()
                .logout()
                .invalidateHttpSession(true)
                .clearAuthentication(true)
                .logoutSuccessUrl("/");
    }
}


View(index.html)

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"
      xmlns:sec="https://www.thymeleaf.org/thymeleaf-extras-springsecurity3"
      xmlns:th="https://www.thymeleaf.org">
<head>
    <title>Spring Boot OAuth2 Login with Github - Demo</title>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <link rel="stylesheet"
        href="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css">
    <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js">
    </script>
    <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js">
    </script>
</head>
<body>
<nav class="navbar navbar-inverse">
    <div class="container-fluid">
        <div class="navbar-header">
            <button class="navbar-toggle" data-target="#myNavbar"
                    data-toggle="collapse" type="button">
                <span class="icon-bar"></span>
                <span class="icon-bar"></span>
                <span class="icon-bar"></span>
            </button>
            <a class="navbar-brand" href="#">Logo</a>
        </div>
        <div class="collapse navbar-collapse" id="myNavbar">
            <ul class="nav navbar-nav">
                <li class="active"><a href="#">Home</a></li>
            </ul>
        </div>
    </div>
</nav>

<div class="container-fluid text-center">
    <div class="row content">
        <div class="col-sm-2 sidenav">
        </div>
        <div class="col-sm-8 text-left">
            <h1>Welcome</h1>
            <p>You have been successfully logged in</p>
        </div>
    </div>
</div>
</body>
</html>


Driver Class(Main class)

package com.knf.dev.demo.springoauth2github;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;

@SpringBootApplication
public class Springoauth2GithubApplication {

   public static void main(String[] args) {
      SpringApplication.run(Springoauth2GithubApplication.class, args);
   }
}


Comments

Post a Comment

Popular posts from this blog

Learn Java 8 streams with an example - print odd/even numbers from Array and List

Example 1: Java 8 program to print odd numbers from a List   import java.util.Arrays; import java.util.List; import java.util.stream.Collectors; /*Java 8 Program to find Odd Numbers from a List*/ public class DriverClass { public static void main( String [] args) { List < Integer > numbers = Arrays. asList( 1 , 4 , 8 , 40 , 11 , 22 , 33 , 99 ); List < Integer > oddNumbers = numbers.stream(). filter(o -> o % 2 != 0 ). collect(Collectors.toList()); System.out.println(oddNumbers); } } 1. Initialize List using Arrays.asList() method. Java's built-in Arrays.asList() method converts an array into a list. This method takes an array as an argument and returns a List object. 2.  Java List interface provides stream() method which returns a sequential Stream with list of Integer as its source. 3. The Java stream filter() method allow
Read more

ReactJS - Bootstrap - Buttons

Image
Bootstrap is a free and open-source front-end development framework for the creation of websites and web apps. It is a free and open-source project, hosted on GitHub, and originally engendered by Twitter.  Let us create a new React app - click here After engendering the React app, the best way to install Bootstrap is via the npm package. To install Bootstrap, navigate to the React app folder, and run the following command. $ npm install react-bootstrap bootstrap --save Example import React from 'react' ; import Button from 'react-bootstrap/Button' ; import 'bootstrap/dist/css/bootstrap.min.css' ; class App extends React.Component { render() { return ( <div> <> <Button variant = "primary" > Primary </Button> { ' ' } <Button variant = "secondary" > Secondary </Button> { ' ' } <Butto
Read more

Spring Core | BeanFactoryPostProcessor | Example

Image
In Spring, the  BeanFactoryPostProcessor is a  functional interface that contains a abstract method postProcessBeanFactory .   It allows us to modify the Spring context’s bean definitions before any beans get created.  BeanFactoryPostProcessor can create new bean definitions or modify existing ones. Since  BeanFactoryPostProcessor  should be called before other bean types are formed, it must be registered as a static method level. BeanFactoryPostProcessor example We are creating a simple maven project. You could clone the code from our GitHub repo. Final Project Directory Complete pom.xml <? xml version ="1.0" encoding ="UTF-8" ?> < project xmlns ="http://maven.apache.org/POM/4.0.0" xmlns:xsi ="http://www.w3.org/2001/XMLSchema-instance" xsi :schemaLocation ="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" > < modelVersion >4.0.0</ modelVersion > < gr
Read more

Spring Boot 3 + Spring Security 6 + Thymeleaf - Registration and Login Example

Image
In this section we will learn how to create user registration and login using Spring boot 3, Spring security 6, Thymeleaf, JPA, and PostgreSQL. The GitHub repository link is provided at the end of this tutorial. You can download the source code. What’s New in Spring Security 6? WebSecurityConfigurerAdapter Removed : The  WebSecurityConfigurerAdapter class was deprecated and then removed in Spring Security 6. Instead, you should now take a more component-based approach and create a bean of type  SecurityFilterChain . Here's an example: @Configuration @EnableWebSecurity public class SecurityConfiguration { @Bean public SecurityFilterChain securityFilterChain ( HttpSecurity http) throws Exception { http .authorizeHttpRequests((requests) -> requests .requestMatchers( "/registration**" ).permitAll() .anyRequest().authenticated() ) .formLogin((form) -> form
Read more

File Upload, Download, And Delete - Azure Blob Storage + Spring Boot Example

Image
In this section, you will learn how to create  a storage account on Microsoft Azure and create a simple spring boot application to perform different file operations such as upload, download, and delete files from the Azure blob storage. A little bit of Background Azure Blob Storage Azure Blob storage is Microsoft's object storage solution for the cloud. Blob storage is optimized for storing massive amounts of unstructured data. Unstructured data is data that doesn't adhere to a particular data model or definition, such as text or binary data. More Info -  https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blobs-introduction Spring Boot Spring Boot makes it easy to create stand-alone, production-grade Spring-based Applications that you can "just run".  More Info -  https://spring.io/projects/spring-boot Create an Azure Storage Account and blob container using Azure Portal Sign in to Azure portal  https://portal.azure.com/#home  and search for " Storage a
Read more

Custom Exception Handling in Quarkus REST API

Image
In this section, we will learn how to handle exceptions in the Quarkus REST application using ExceptionMapper interface implementations. ExceptionMapper is a contract for a provider that will map a thrown application exception to a Response object. We will show you custom exception handling with the help of a simple application, Final  Project Directory: Complete pom.xml  <?xml version = "1.0" ?> <project     xsi:schemaLocation = "http://maven.apache.org/POM/4.0.0     https://maven.apache.org/xsd/maven-4.0.0.xsd"     xmlns = "http://maven.apache.org/POM/4.0.0"     xmlns:xsi = "http://www.w3.org/2001/XMLSchema-instance" >     <modelVersion> 4.0.0 </modelVersion>     <groupId> org.knf.dev.demo </groupId>     <artifactId> quarku-custom-exception-handling </artifactId>     <version> 1.0.0-SNAPSHOT </version>     <properties>         <compiler-plugin.version> 3.8.1 </compiler-
Read more

Java, Spring Boot Mini Project - Library Management System - Download

Image
Hello everyone, Hope you are doing well. Here, we provide a Library Management System mini-project for beginners, it's free for download. Maybe you can build more on top of this project and create your own product, that's all about you. The source code download link is provided at the end of this post. 1. Benefit of this project You could cover the following technologies and features by learning and debugging this mini project. Java 17 Java Stream Java Lamda Expressions Java Records Functional programming Object-oriented programming var Keyword in Java Generics in Java Java Switch Spring boot 2.6.4 Spring Security Thymeleaf template engine OpenCSV Spring Data JPA Server Side Pagination H2 Database  Bootstrap HTML CSS and more... 2. Objective Of Spring Boot On Library Management System The main objective of this project is to manage the details of the books, author, category, and publisher. Only Admin/Librarian will manage all these activities. Also, they can export the data in
Read more

ReactJS, Spring Boot JWT Authentication Example

Image
In this tutorial, we’ll create a user registration & login example using ReactJS, Spring Boot, Spring Security, and JWT authentication. You could download the source code from our Github repository, the download link is provided at the end of this tutorial. Technologies used Backend Technologies: Java 17 Spring Boot 2.7.0 Spring Security Spring Data JPA JWT H2 Database Frontend Technologies: React 17.0.1 Axios 0.27.2 Redux 4.0.5 Bootstrap 4.5.2 ReactJS - SpringBoot - JWT - Flow Backend Project Directory: Frontend Project Directory: Following is the screenshot of our application - User Registration: User Signin: Profile View: Access Resource: We will build two projects:  1. Backend:   spring-boot-security-jwt 2. Frontend: react-redux-jwt Project 1: spring-boot-security-jwt Pom.xml <?xml version = "1.0" encoding = "UTF-8" ?> <project xmlns = "http://maven.apache.org/POM/4.0.0" xmlns:xsi = "http://www.w3.org/2001/XMLSchema-instance"
Read more

Top 5 Java ORM tools - 2024

Image
  The term ORM refers to object-relational mapping, which uses objects to adapt programming languages to database systems while allowing them to function with SQL and object-oriented programming ideas. Any kind of database management system that can accomplish object mapping to the table in the virtual system is suitable for the implementation of ORM. Java has a wide variety of ORM tools, some of which are mentioned below: 1. Hibernate Hibernate is a lightweight, open-source, non-invasive Java ORM (Object-Relational Mapping) framework that allows developers to create objects that function independently of database software and create persistence logic in any Java or JavaEE application. It offers an abstraction layer, so developers don't have to bother about implementations; Hibernate handles these tasks internally, such as connecting to databases and creating queries to carry out CRUD operations, among other things. Persistence logic development is done with it. Persistence logic r
Read more

Java - DES Encryption and Decryption example

DES (Data Encryption Standard) algorithm is the most commonly used encryption  symmetric-key  algorithm in the world. For a long time, "cipher generation" was synonymous with DES in many people's minds. Although the Electronic Frontier Foundation recently called, it built a 220,000 machine to try to crack DES encrypted data. DES and its variant "triple data encryption algorithm" will still be widely used in government and banking. AES became the replacement for DES).   DES processes bits or binary numbers. We know that every four bits make up a hexadecimal number. DES encrypts a set of 64-bit information, which is represented by 16 hexadecimal numbers. DES also uses 64-bit long ciphers to provide encryption. However, every 8 bits in the key are ignored, resulting in a correct key length of 56 bits in DES. However, in any case, one 64-bit block is an eternal DES organization. Java DES Encryption and Decryption   import javax.crypto.Cipher; import javax.crypto.K
Read more