How to add Social Login to your Spring Boot App?

Social login is common these days: many applications let you log in using your Facebook, Google or GitHub account.

In this post we will see how to enable login through Google account.

Spring Boot does most of the work for us, so the changes required are minimal.

To enable login through a Google account, you first need to register your application with Google and get back a client id and a client secret.

We will be configuring these two in our Spring Boot application.

Once this configuration is done, when a user hits your application URL, she will be redirected to the Google Accounts page and asked to log in with her credentials. Spring Boot will send the credentials we created along with the request, and Google will validate them against its own records. Once that succeeds, Google will send a token back to your Spring Boot application. This token is the OAuth token your application will use for further requests. It is stored in the browser and is available until the user logs out.

That is the basic flow.

Let's get into the details.

STEP 1: Register your application with Google

Go to http://console.developers.google.com/

Add a new project

Go to the Credentials menu and create new OAuth2 credentials:

Before you can create the credentials, you will be asked to create an OAuth consent screen. Just give your project name and save it.

Then select the OAuth client ID menu as shown above.

You will be presented with a page.

Enter a name, the URL of your application under URIs (I deployed my application locally at port 8080 and hence gave the URL as http://localhost:8080) and the below URL under Authorized Redirect URIs:

http://localhost:8080/login/oauth2/code/google

Except for the base domain (http://localhost:8080), which depends on your application, the rest of the path should be entered exactly as shown above (“/login/oauth2/code/google”). Spring Boot has built-in configuration to recognize the URL in this format.

Once you save this, your application will be registered and you will be presented with the client id and client secret:

That’s it!

We are good to move to the next step.

STEP 2: Create a Spring Boot application with oauth2 starter and web dependencies

Create a Spring Boot application through https://start.spring.io/. Select a YAML file for adding properties while creating it.

Add the below dependencies in pom.xml:

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-oauth2-client</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-web</artifactId>
</dependency>

STEP 3: Include OAuth credential details in properties file

Add the client credentials which you got through registering your application in Google in application.yml:

spring:
  security:
    oauth2:
      client:
        registration:
          google:
            client-id:  client-id-here
            client-secret: client-secret-here

STEP 4: Create index.html file

We need to show a page to the user when the application is loaded, so create index.html under the resources/static folder. I am just printing Hello World in the page.

That’s it!

STEP 5: Test the application

Run the application and load http://localhost:8080 in the browser. You will be redirected to the Google Accounts page:

After you sign in, you will be redirected back to your index.html page:

That’s it!

We have implemented social login through Google!

Now let’s add a REST service to the application, hit it from the browser, and see whether it is accessible without authentication. By default, all of the services in the application are now protected through OAuth2 (this can be configured).

I added the below Rest Controller to the application:

package com.example.demo;

import org.springframework.web.bind.annotation.GetMapping;

@org.springframework.web.bind.annotation.RestController
public class RestController {

	@GetMapping("/getSpecialMessage")
	public String getSpecialMessage() {
		
		return "I am protected using OAuth";
	}
}

And when I tried to hit the above service from the browser (after clearing the browser data), I got redirected back to the Google Accounts page. It is protected!

Let us add a link for the above service in index.html and see if we can access it after login.

I updated the index.html page like below:



<html>
<body>
<strong>Hello World!</strong>
<a href="/getSpecialMessage">Get Special Message</a>
</body>
</html>

I logged in to the application after hitting http://localhost:8080.

The below page got displayed:

And when I clicked on the Get Special Message link, the below response returned by the REST service got printed:

It works!

The application now has the token stored in the browser and it is attached to every REST service URL in the application.

I have not covered logging out of the application. Spring Boot helps in implementing this easily as well. Once the application is logged out, the token is deleted and the user has to log in again through their Google account to access the application.
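One way to make the "protected by default (this can be configured)" behaviour explicit and to wire up the logout step mentioned above, as an added example that is not code from the original post. It assumes Spring Boot 3.x with Spring Security 6; the class name SecurityConfig and the choice to leave the landing page public are assumptions made for illustration.

```java
package com.example.demo;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.web.SecurityFilterChain;

// Added example (assumption: Spring Security 6 lambda DSL).
// Declaring this bean replaces the auto-configured filter chain that
// protected every URL in the steps above.
@Configuration
public class SecurityConfig {

    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        http
            .authorizeHttpRequests(auth -> auth
                // Illustrative choice: the static landing page is public.
                // "/" forwards to index.html, so both paths are listed.
                .requestMatchers("/", "/index.html").permitAll()
                // Everything else, including /getSpecialMessage, still
                // requires a logged-in user. Keep this rule last so a new
                // endpoint is protected unless explicitly opened above.
                .anyRequest().authenticated())
            // Same Google login flow as before, using the client
            // registration from application.yml.
            .oauth2Login(Customizer.withDefaults())
            .logout(logout -> logout
                // With CSRF protection enabled (the default), logout is a
                // POST to /logout that must carry the CSRF token.
                .logoutSuccessUrl("/")
                // End the server-side session and drop its cookie so the
                // next protected request goes back through Google login.
                .invalidateHttpSession(true)
                .clearAuthentication(true)
                .deleteCookies("JSESSIONID"));
        return http.build();
    }
}
```

Logging out here ends the session with this application only; the user may still be signed in at Google, so the next login can complete without a password prompt.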

