This documentation describes how to set up sign in/up via social networks.
Many providers offer APIs that let users log into the system.
Examples are Google, Facebook, Twitter, Apple, GitHub, and others.
To implement this, you need to:
1) Register an account to create an API. Many of the different networks offer the ability to create APIs for your projects, but for this you need to create a developer account.
2) Next, create an API on this account for the purpose you need. In our case, we are creating an API for sign in/up.
3) After you have created the API, ClientID and ClientSecret will be generated for you. These are the main parameters we need in our project.
After receiving these credentials, we will use them in our project.
To begin with, we need to create an endpoint that will be responsible for sign in/up for the selected social network.
In api/api-spec/src/main/resources/spec/api:
- You need to create a new directory that will be your new API class.
- In it, you must create a controller.xml in which you will describe the endpoints.
- In the newly created directory, make another directory. This will be your endpoint.
- In this directory, you must create an endpoint.xml file. This is where you describe the behavior of your endpoint for authorization.
And after that, we need to generate our objects.
cmd/run generate api
@GET("/api/v1/login/google")
public ResponseEntity<GenericApiResponse<JwtTokenResponse>> loginViaGoogle(final OAuth2User user) {
}
After we have created our endpoint, we need to configure this endpoint for authorization.
For this, we will just use our ClientID and ClientSecret.
In application.yml we need to add a section for this functionality.
spring:
  security:
    oauth2:
      client:
        registration:
          google:  # or twitter, facebook, apple, okta, and others
            client-id: ClientID
            client-secret: ClientSecret
We use Spring OAuth2 for authorization.
For more detailed information on how OAuth2 works, I will leave links at the end.
We need to give the system access to the endpoint we created.
util/security/src/main/java/com/knubisoft/security/GlobalWebSecurityConfigurerAdapter.java
In the GlobalWebSecurityConfigurerAdapter configuration class, in
private static final String[] OAUTH2_ENDPOINTS
we must add our newly created endpoint so that the system allows access to it:
private static final String[] OAUTH2_ENDPOINTS = {"/api/v1/login/google"};
And after that, you can run the project and check the functionality of this endpoint.
The main idea is that:
1) GlobalWebSecurityConfigurerAdapter is configured for authorization via social networks. The main thing for us is to pass it the endpoint that is responsible for it.
2) application.yml stores the ClientID and ClientSecret that we need to access our created API.
3) In case of successful authorization, we will receive an OAuth2Token from OAuth2User, from which we can get information about the user.
In our case, we only need the user's email.
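An added example (not the project's own code) of reading the email from the attributes of the OAuth2User mentioned in point 3: it returns the address only when the provider sent one and explicitly marked it as verified. The class and method names are hypothetical, the sample maps are constructed, and it assumes the provider uses the OpenID Connect claim names email and email_verified.

```java
import java.util.LinkedHashMap;
import java.util.Locale;
import java.util.Map;
import java.util.Optional;

// Added example, not project code. Class and method names are hypothetical.
public class OAuthEmailExtractor {

    // attributes is the map returned by OAuth2User.getAttributes() after login.
    static Optional<String> verifiedEmail(Map<String, Object> attributes) {
        Object email = attributes.get("email");
        if (!(email instanceof String) || ((String) email).isBlank()) {
            return Optional.empty(); // provider sent no email at all
        }
        // Accept only an explicit "verified" flag, as a Boolean or its string form.
        Object verified = attributes.get("email_verified");
        boolean isVerified = Boolean.TRUE.equals(verified)
                || (verified instanceof String && "true".equalsIgnoreCase((String) verified));
        if (!isVerified) {
            return Optional.empty(); // unverified address: do not map it to a local account
        }
        // Normalize so differently cased spellings resolve to one local account.
        return Optional.of(((String) email).trim().toLowerCase(Locale.ROOT));
    }

    public static void main(String[] args) {
        // Constructed sample attribute maps, not captured provider responses.
        Map<String, Object> verified = new LinkedHashMap<>();
        verified.put("sub", "constructed-subject-1");
        verified.put("email", "Alice@Example.com");
        verified.put("email_verified", Boolean.TRUE);

        Map<String, Object> unverified = new LinkedHashMap<>();
        unverified.put("sub", "constructed-subject-2");
        unverified.put("email", "bob@example.com");
        unverified.put("email_verified", Boolean.FALSE);

        Map<String, Object> noEmail = new LinkedHashMap<>();
        noEmail.put("sub", "constructed-subject-3");

        System.out.println("verified:   " + verifiedEmail(verified));
        System.out.println("unverified: " + verifiedEmail(unverified));
        System.out.println("no email:   " + verifiedEmail(noEmail));
    }
}
```

In the login endpoint this would be called with user.getAttributes(), rejecting the login when the result is empty instead of issuing a JWT.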
If you have any questions/suggestions feel free to contact @Vadym Kostenko (email: v.kostenko@knubisoft.com)
Spring OAuth2 doc
https://docs.spring.io/spring-security/reference/servlet/oauth2/login/core.html
https://spring.io/guides/tutorials/spring-boot-oauth2/
https://www.baeldung.com/spring-security-5-oauth2-login