@EnableOAuth2Sso
annotation. According to the documentation, it allows you to create a single sign on authentication point, while reading the configuration settings itself. Because this example creates a web application, we extend the standard WebSecurityConfigurerAdapter
WebSecurityConfigurerAdapter
. Here is what it looks like: @EnableOAuth2Sso public static class LoginConfigurer extends WebSecurityConfigurerAdapter { @Override public void configure(HttpSecurity http) throws Exception { http.antMatcher("/main/**").authorizeRequests().anyRequest() .authenticated(); } }
spring: profiles: google security: oauth2: client: clientId: my client ID.apps.googleusercontent.com clientSecret: my client secret accessTokenUri: https://accounts.google.com/o/oauth2/token userAuthorizationUri: https://accounts.google.com/o/oauth2/auth scope: openid profile resource: jwt.keyUri: userInfoUri: https://www.googleapis.com/oauth2/v3/userinfo
@RequestMapping("/user") public Principal user(Principal user) { return user; }
package com.nix; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.EnableAutoConfiguration; import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso; import org.springframework.context.annotation.ComponentScan; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.stereotype.Component; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; import java.security.Principal; @Configuration @ComponentScan @EnableAutoConfiguration @RestController @RequestMapping("/main") public class SsoOpenIdConnectApplication { @RequestMapping("/user") public Principal user(Principal user) { return user; } public static void main(String[] args) { SpringApplication.run(SsoOpenIdConnectApplication.class, args); } @Component @EnableOAuth2Sso public static class LoginConfigurer extends WebSecurityConfigurerAdapter { @Override public void configure(HttpSecurity http) throws Exception { http.antMatcher("/main/**").authorizeRequests().anyRequest() .authenticated(); } } }
server: port: 9999 security: ignored: /,/favicon.ico,/index.html sessions: ALWAYS oauth2: sso: loginPath: /main/login --- spring: profiles: google security: oauth2: client: clientId: my client ID.apps.googleusercontent.com clientSecret: my client secret accessTokenUri: https://accounts.google.com/o/oauth2/token userAuthorizationUri: https://accounts.google.com/o/oauth2/auth scope: openid profile resource: jwt.keyUri: userInfoUri: https://www.googleapis.com/oauth2/v3/userinfo
<html> <head> <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script> <script> $(document).ready(function() { $("#userInfo").click(function(){ $.get("main/user", function(data, status) { if (status === "success") { $("#userData").text(JSON.stringify(data, null, '\t')); } }); }); }); </script> </head> <body> <div> <a href='main/login' id="login">login</a> <button id="userInfo">User info</button> <pre id="userData"></pre> </div> </body> </html>
Source: https://habr.com/ru/post/272529/
All Articles