Home > Mobile >  It is possible to have sign in with user and credentials(JWT) and Oauth2 sign in with google?
It is possible to have sign in with user and credentials(JWT) and Oauth2 sign in with google?

Time:11-12

I am developing an app, now in this app I have developed login with JWT, and now I want to do a login with google, I have read about oauth2 but I dont't find any tutorial which implements oauth2 and jwt common login. In springSecurity i have this configuration


    @Autowired
    private MyUserDetailsService myUserDetailService;

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(myUserDetailService);

    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.cors();
        http.csrf().disable().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and();
        http.authorizeRequests().antMatchers("/login").permitAll()
        .anyRequest().authenticated();
        http.addFilter(new JWTAuthenticationFilter(authenticationManager()));
        http.addFilter(new JWTValidationToken(authenticationManager()));
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();

To generate and validation token, but if I use oauth2 I don't have token to validate it, then my token filters will send error. A lot of pages has in their registration page the log in with google and i know is possible but I do not know how to do it.

Thanks for your time and sorry for my engish, is not my native languaje

CodePudding user response:

you need to implement a logic at the client side. like when the oauth2 signin happens and you generate a jwt token make the client(here meaning browser or app) store the jwt and send it in subsequent requests to the backend until it expires and make a oauth2 signin after jwt expires.

this is how normal jwt token is maintained in the client side. you can extract the jwt from request headers or in a cookie if you want in your filters

CodePudding user response:

Thanks for the Greedy Cat's answer, I managed to find a solution as follows:

Use 2 endpoints, one of them to receive the username and password data and other to receive the google access token.

For both of them, I return the jwtToken for the api calls to these two endpoints.

Check out this cool tutorial that explains this very well at this link: JWT and Social Authentication using Spring Boot

Page link:https//www.codepudding.com/Mobile/187761.html

Prev:ActiveMQ Artemis: javax.jms.ConnectionFactory does not receive cluster topology in case of failover
Next:When does jobExecution.getStatus() return a BatchStatus.STOPPED value in java?
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding