Spring Boot and OAuth2

Created: 2021/02/16 10:41
This guide shows you how to build a sample app doing various things with "social login" using OAuth 2.0 and Spring Boot.
It starts with a simple, single-provider single sign-on, and works up to a client with a choice of authentication providers: GitHub or Google.
The samples are all single-page apps using Spring Boot and Spring Security on the back end. They also all use plain jQuery on the front end. But, the changes needed to convert to a different JavaScript framework or to use server-side rendering would be minimal.
All samples are implemented using the native OAuth 2.0 support in Spring Boot.
There are several samples building on each other, adding new features at each step:
• simple: a very basic static app with just a home page and unconditional login via Spring Boot's OAuth 2.0 configuration properties (if you visit the home page, you will be automatically redirected to GitHub).
• click: adds an explicit link that the user has to click to log in.
• logout: adds an explicit logout link as well for authenticated users.
• two-providers: adds a second login provider so the user can choose on the home page which one to use.
• custom-error: adds an error message for unauthenticated users, and a custom authentication based on GitHub's API.
The changes needed to migrate from one app to the next one in the feature ladder can be tracked in the source code. Each version of the app is its own directory so that you can compare their differences.
Each app can be imported into an IDE. You can run the main method in SocialApplication to start an app. They all come up with a home page on http://localhost:8080 (and all require that you have at least a GitHub and Google account if you want to log in and see the content).
You can also run all the apps on the command line using mvn spring-boot:run or by building the jar file and running it with mvn package and java -jar target/*.jar (per the Spring Boot docs and other available documentation). There is no need to install Maven if you use the wrapper at the top level, e.g.
$ cd simple
$ ../mvnw package
$ java -jar target/*.jar
The apps all work on localhost:8080 because they use OAuth 2.0 clients registered with GitHub and Google for that address. To run them on a different host or port, you need to register your apps that way. There is no danger of leaking your credentials beyond localhost if you use the default values. But be careful what you expose on the internet, and don't put your own app registrations in public source control.
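One way to enforce that last point before a commit, as an added example that is not part of the original guide: a shell check that flags OAuth 2.0 client secrets written as literals in Spring Boot configuration files. The sample files, their values and the environment variable names are constructed for illustration.

```bash
# Added example: flag OAuth 2.0 client secrets committed as literals in
# Spring Boot config. ${ENV_VAR} placeholders and empty values pass.

# Prints file:line:text for every literal secret under directory $1.
# Returns 1 if any were found, 0 otherwise.
find_literal_oauth_secrets() {
  # Key (client-secret, clientSecret, client_secret), then ':' or '=', then a
  # value whose first character is not '$' (placeholder) or '#' (comment).
  pat="client[-_]?secret[[:space:]]*[:=][[:space:]]*[\"']?[^[:space:]\$#\"']"
  # /dev/null as an extra operand makes grep always print the file name.
  hits=$(find "$1" -type f \( -name 'application*.yml' \
      -o -name 'application*.yaml' -o -name 'application*.properties' \) \
      -exec grep -nEi "$pat" /dev/null {} + || true)
  if [ -n "$hits" ]; then
    printf '%s\n' "$hits"
    return 1
  fi
  return 0
}

# Constructed samples: one literal secret (YAML), one placeholder (properties).
# The environment variable names are assumptions made for this example.
write_constructed_samples() {
  mkdir -p "$1/bad" "$1/good"
  cat > "$1/bad/application.yml" <<'EOF'
spring:
  security:
    oauth2:
      client:
        registration:
          github:
            clientId: constructed-client-id
            clientSecret: constructed-secret-value
EOF
  cat > "$1/good/application.properties" <<'EOF'
spring.security.oauth2.client.registration.github.client-id=${GITHUB_CLIENT_ID}
spring.security.oauth2.client.registration.github.client-secret=${GITHUB_CLIENT_SECRET}
EOF
}

demo_dir=$(mktemp -d)
write_constructed_samples "$demo_dir"
find_literal_oauth_secrets "$demo_dir" ||
  echo "literal client secret in config: load it from the environment instead"
rm -rf "$demo_dir"
```

Run as a pre-commit or CI step, the non-zero return of find_literal_oauth_secrets blocks the change; a placeholder with an inline default value is not detected by this pattern.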

Single Sign on With GitHub

In this section, you'll create a minimal application that uses GitHub for authentication. This is quite easy if you take advantage of the autoconfiguration features in Spring Boot.

Creating a New Project

First, you need to create a Spring Boot application, which can be done in a number of ways. The easiest is to go to https://start.spring.io and generate an empty project (choosing the "Web" dependency as a starting point). Equivalently, do this on the command line:
$ mkdir ui && cd ui
$ curl https://start.spring.io/starter.tgz -d style=web -d name=simple | tar -xzvf -