I am developing an app, now in this app I have developed login with JWT, and now I want to do a login with google, I have read about oauth2 but I dont't find any tutorial which implements oauth2 and jwt common login. In springSecurity i have this configuration
@Autowired
private MyUserDetailsService myUserDetailService;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(myUserDetailService);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.cors();
http.csrf().disable().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and();
http.authorizeRequests().antMatchers("/login").permitAll()
.anyRequest().authenticated();
http.addFilter(new JWTAuthenticationFilter(authenticationManager()));
http.addFilter(new JWTValidationToken(authenticationManager()));
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
To generate and validation token, but if I use oauth2 I don't have token to validate it, then my token filters will send error. A lot of pages has in their registration page the log in with google and i know is possible but I do not know how to do it.
Thanks for your time and sorry for my engish, is not my native languaje
CodePudding user response:
you need to implement a logic at the client side. like when the oauth2 signin happens and you generate a jwt token make the client(here meaning browser or app) store the jwt and send it in subsequent requests to the backend until it expires and make a oauth2 signin after jwt expires.
this is how normal jwt token is maintained in the client side. you can extract the jwt from request headers or in a cookie if you want in your filters
CodePudding user response:
Thanks for the Greedy Cat's answer, I managed to find a solution as follows:
Use 2 endpoints, one of them to receive the username
and password
data and other to receive the google access token
.
For both of them, I return the jwtToken for the api calls to these two endpoints.
Check out this cool tutorial that explains this very well at this link: JWT and Social Authentication using Spring Boot