springboot react oauth, with frontend-maven-plugin

Time:11-26

I am using the Google API with the Spring OAuth2 dependency. I have my Spring Boot project loading my React script, but how do I incorporate the OAuth2AuthenticationToken?

package com.logic.springbootwithreact.controllers;
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

//@Controller
@RestController
@CrossOrigin
public class ClientForwardController {
    // Matches any path whose last segment contains no dot (client-side routes, not static files)
    @GetMapping(value = "/**/{path:[^\\.]*}")
    public String forward(OAuth2AuthenticationToken oAuth2AuthenticationToken) {
        return "forward:/";
    }
}

Has anyone done a similar project with the frontend-maven-plugin and OAuth2, and knows how to write the controller and what to code into App.js?

I have tried running the Spring Boot application and called localhost:8080 and got the React page loading, but I first want to go through the Google OAuth2 process.

CodePudding user response:

You should use an OAuth2 / OIDC client library to handle login and token management in your React app: get the authorization code, exchange the code for tokens, handle token refreshing, and lastly authorize requests (add the access token as an Authorization header).

Spring applications with @RestControllers are resource-servers. See those tutorials to configure security.

Be aware that using Google identities in your resource-server might require configuring it with introspection (rather than a JWT decoder). This has a serious performance impact and is a little touchy (the introspection endpoint is not standard and you'll have to provide a custom introspector in the security conf). You should consider using an intermediate authorization-server capable of federating Google identities. Many OIDC solutions include "social login", which would allow you to consume Google identities (as well as Facebook, Twitter, GitHub, etc.) and also create accounts for users without a Google account. Keycloak is a famous on-premise solution, but you can also find SaaS like Auth0, Amazon Cognito and many others.
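One way to write the custom introspector the answer mentions, added here as an example and not code from the question or the answer. It assumes Spring Boot 3 / Spring Security 6 with spring-boot-starter-oauth2-resource-server, Google's tokeninfo endpoint, a placeholder client ID, and a hypothetical /api/** prefix for the REST endpoints.

```java
import java.util.Map;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.oauth2.core.DefaultOAuth2AuthenticatedPrincipal;
import org.springframework.security.oauth2.server.resource.introspection.BadOpaqueTokenException;
import org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.web.client.RestClientException;
import org.springframework.web.client.RestTemplate;

@Configuration
public class GoogleResourceServerConfig {
    // Assumptions: Google's tokeninfo endpoint; CLIENT_ID is a placeholder for your own OAuth client id.
    static final String TOKENINFO = "https://oauth2.googleapis.com/tokeninfo?access_token={token}";
    static final String CLIENT_ID = "YOUR_CLIENT_ID.apps.googleusercontent.com";

    @Bean
    OpaqueTokenIntrospector googleIntrospector() {
        RestTemplate rest = new RestTemplate();
        return token -> {
            Map<String, Object> claims;
            try {
                claims = rest.getForObject(TOKENINFO, Map.class, token);
            } catch (RestClientException e) { // any error status or network failure means "not authenticated"
                throw new BadOpaqueTokenException("token rejected by issuer");
            }
            // Accept only tokens issued to this application and bound to a user:
            // a valid Google token obtained by some other client must not unlock this API.
            if (claims == null || !CLIENT_ID.equals(claims.get("aud")) || claims.get("sub") == null) {
                throw new BadOpaqueTokenException("token not issued for this client");
            }
            return new DefaultOAuth2AuthenticatedPrincipal(
                    claims.get("sub").toString(), claims, AuthorityUtils.NO_AUTHORITIES);
        };
    }

    @Bean
    SecurityFilterChain security(HttpSecurity http, OpaqueTokenIntrospector introspector) throws Exception {
        http.authorizeHttpRequests(a -> a
                .requestMatchers("/api/**").authenticated() // REST endpoints need a bearer token
                .anyRequest().permitAll())                  // static React bundle stays public
            .oauth2ResourceServer(rs -> rs.opaqueToken(ot -> ot.introspector(introspector)));
        return http.build();
    }
}
```

Every API request triggers a call to Google here, which is the performance cost the answer warns about; caching results for a short time bounded by the token's remaining lifetime reduces it.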
