...
spring:
security:
oauth2:
client:
registration:
google:
clientIdclient-id: "ClientID"
clientSecret: "ClientSecret"ClientID
client-secret: ClientSecret
We use Spring Oauth2 for authorization.
For more detailed information, I will leave a link on how Oauth2 works.
We need to give our system access for our created endpoint.
util/security/src/main/java/com/knubisoft/security/GlobalWebSecurityConfigurerAdapter.java
In the GlobalWebSecurityConfigurerAdapter configuration class
In
private static final String[] OAUTH2_ENDPOINTS
...
And after that, you can run the project and check the functionality of this endpoint.
The main idea is that:
1) GlobalWebSecurityConfigurerAdapter configured for authorization for social networks. The main thing for us is to transfer the enpoint that is responsible for it.
2) application.yml stores the ClientID and ClientSecret that we need to access our created API
3) In case of successful authorization, we will receive an OAuth2Token in from OAuth2Userin which we can get information about the user.
In our case, we only need his email.
If you have any questions/suggestions feel free to contact @Vadym Kostenko (email: v.kostenko@knubisoft.com)
Spring OAuth2 doc
https://docs.spring.io/spring-security/reference/servlet/oauth2/login/core.html
https://spring.io/guides/tutorials/spring-boot-oauth2/
https://www.baeldung.com/spring-security-5-oauth2-login
...