OAuth2 client sign in for Spring web apps | via Google and Github

preview_player
Показать описание
Part 3 of multipart series where simple java spring mvc web app is secured by spring security framework. Authentication is also enabled by google and github social login oath2/oidc providers and users saved to relational database.
App is deployed to various cloud providers.

In part 3, we'll discuss oauth2 and oidc protocol, jwt token, register our web app as client with github (oauth2) and google (oidc) login providers. We'll create our own custom application user that encompasses information for all types of user our application can have

Github repo:

00:00 - Start
00:38 - add oauth2 client support
02:05 - why was oauth2 created?
03:27 - real world analogy for oauth2
04:40 - oauth2 in web apps
08:03 - openid protocol
09:29 - jwt token
09:48 - oauth2 vs openid
10:56 - oauth2 flows
13:02 - spring oauth2 properties
14:39 - spring boot default oauth2 log in page
15:13 - spring security configuration
17:34 - keeping secrets in spring apps
19:28 - github oauth2 client registration
20:40 - google oidc client registration
24:14 - adding .env file for secrets
25:34 - localhost login via github and google
29:50 - network oauth2 redirects
32:55 - customize oauth2 user info endpoint
36:40 - custom App user
  1. kanezi
  2. java
  3. spring
  4. railway
  5. railway.app
  6. security
Комментарии
Автор

You provided a solution for a problem I have fought with the whole week. You are such a good teacher. Your channel will take off as soon as more people migrate to Spring Security 6. Thank you and I genuinely wish you all the best for creating such awesome content. Subscribed!!

oinohudsonobai
Автор

Waw amazing job it's better than all tutorials I had seen about oauth2, great job and thank you very much ❤

raoufgeorgemdimegh
Автор

Amazing video, explained everything step by step slowly.

victorvilar
Автор

Thank you sir for this great video! Amazing one! keep making such great videos. I am a subscriber now

simopr
Автор

hey great tutorial. Could you please extend this tutorial with react where user can login using frontend (user/email, google and github) and the backend is protect by spring oath 2. In the whole internet, i can not find that easily. most of them either fronetend only or backend only.

mbhambhu
Автор

Thanks for a clear and great tutorial.

How I can combine it with other UI client such as vue.
In other words, what is the right way to call login from a client and return user info and token to the ui client.

Thanks again 🙏

devozs
Автор

Hi,
This video is so good and easy to understand each steps.
I have a request could please make a video on my query please please.
I want implementation of
(i) .hasRole() in @Bean SecurityFilterChain and
(ii) JWT authentication in this video by which form login user can access our secured endpoint
(iii) and I do not have any idea that how a github or google logged in user can access our secured endpoint so please implement that necessary step as well by which
github or google logged in user can also access our secured end points

souravpaul
Автор

Great video! You solved most of my doubts but I have one more, how I can login with my credencials in the form and after that return a JWT token? I want to generate to give it to my FE

ozuskywalker
Автор

Why everyone is making tutorials of socal login with thymeleaf and static spring resources WTF.. 2023 and I cant find tutorial for regular Spring rest api social login

Jacker
Автор

How can we get the JWT in case we want to use front end?

ernesttomas