root
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Actions 3 Packages Projects Releases Wiki Activity
spring-security/samples/boot/oauth2webclient/README.adoc

64 lines
2.9 KiB
Plaintext
Raw Normal View History

authcodegrant samples->oauth2webclient samples The authcodegrant samples were initially meant to be very simple demonstration of authorization code flow. However, it has become obvious since then that the real intent of the demo is how to use the WebClient with OAuth (there is no other reason to do authorization code flow unless you use the token to make a request). The samples have been migrated to oauth2webclient and oauth2webclient-webflux respectively. They have been improved: * The sample demonstrates usage with annotations, webclient directly, form login oauth2Login, and public APIs * The samples externalize the endpoint that is requested in the sample making it easier to try other endpoints * The UI no longer relies on a data structure for the result of the endpoint also making it easier to try other endpoints Issue: gh-4921
2018-09-07 04:10:31 +08:00
= OAuth 2.0 WebClient (Servlet) Sample
Add authcodegrant-webflux sample Issue: gh-5620
2018-08-02 01:44:19 +08:00
== GitHub Repositories
authcodegrant samples->oauth2webclient samples The authcodegrant samples were initially meant to be very simple demonstration of authorization code flow. However, it has become obvious since then that the real intent of the demo is how to use the WebClient with OAuth (there is no other reason to do authorization code flow unless you use the token to make a request). The samples have been migrated to oauth2webclient and oauth2webclient-webflux respectively. They have been improved: * The sample demonstrates usage with annotations, webclient directly, form login oauth2Login, and public APIs * The samples externalize the endpoint that is requested in the sample making it easier to try other endpoints * The UI no longer relies on a data structure for the result of the endpoint also making it easier to try other endpoints Issue: gh-4921
2018-09-07 04:10:31 +08:00
This guide provides instructions on setting up the sample application, which leverages WebClient OAuth2 integration to display a list of public GitHub repositories that are accessible to the authenticated user.
Add authcodegrant-webflux sample Issue: gh-5620
2018-08-02 01:44:19 +08:00
This includes repositories owned by the authenticated user, repositories where the authenticated user is a collaborator, and repositories that the authenticated user has access to through an organization membership.
The following sections provide detailed steps for setting up the sample and covers the following topics:
* <<github-register-application,Register OAuth application>>
* <<github-application-config,Configure application.yml>>
* <<github-boot-application,Boot up the application>>
[[github-register-application]]
=== Register OAuth application
To use GitHub's OAuth 2.0 authorization system, you must https://github.com/settings/applications/new[Register a new OAuth application].
authcodegrant samples->oauth2webclient samples The authcodegrant samples were initially meant to be very simple demonstration of authorization code flow. However, it has become obvious since then that the real intent of the demo is how to use the WebClient with OAuth (there is no other reason to do authorization code flow unless you use the token to make a request). The samples have been migrated to oauth2webclient and oauth2webclient-webflux respectively. They have been improved: * The sample demonstrates usage with annotations, webclient directly, form login oauth2Login, and public APIs * The samples externalize the endpoint that is requested in the sample making it easier to try other endpoints * The UI no longer relies on a data structure for the result of the endpoint also making it easier to try other endpoints Issue: gh-4921
2018-09-07 04:10:31 +08:00
When registering the OAuth application, ensure the *Authorization callback URL* is set to `http://localhost:8080/login/oauth2/code/client-id`.
Add authcodegrant-webflux sample Issue: gh-5620
2018-08-02 01:44:19 +08:00
The Authorization callback URL (redirect URI) is the path in the application that the end-user's user-agent is redirected back to after they have authenticated with GitHub and have granted access to the OAuth application on the _Authorize application_ page.
[[github-application-config]]
=== Configure application.yml
Now that you have a new OAuth application with GitHub, you need to configure the sample to use the OAuth application for the _authorization code grant flow_.
To do so:
. Go to `application.yml` and set the following configuration:
+
[source,yaml]
----
spring:
security:
oauth2:
client:
registration: <1>
authcodegrant samples->oauth2webclient samples The authcodegrant samples were initially meant to be very simple demonstration of authorization code flow. However, it has become obvious since then that the real intent of the demo is how to use the WebClient with OAuth (there is no other reason to do authorization code flow unless you use the token to make a request). The samples have been migrated to oauth2webclient and oauth2webclient-webflux respectively. They have been improved: * The sample demonstrates usage with annotations, webclient directly, form login oauth2Login, and public APIs * The samples externalize the endpoint that is requested in the sample making it easier to try other endpoints * The UI no longer relies on a data structure for the result of the endpoint also making it easier to try other endpoints Issue: gh-4921
2018-09-07 04:10:31 +08:00
client-id: <2>
client-id: replace-with-client-id
client-secret: replace-with-client-secret
provider: github
scopes: read:user,public_repo
Add authcodegrant-webflux sample Issue: gh-5620
2018-08-02 01:44:19 +08:00
----
+
.OAuth Client properties
====
<1> `spring.security.oauth2.client.registration` is the base property prefix for OAuth Client properties.
<2> Following the base property prefix is the ID for the `ClientRegistration`, which is github.
====
. Replace the values in the `client-id` and `client-secret` property with the OAuth 2.0 credentials you created earlier.
[[github-boot-application]]
=== Boot up the application
Launch the Spring Boot 2.0 sample and go to `http://localhost:8080`.
You are then redirected to the default _auto-generated_ form login page.
authcodegrant samples->oauth2webclient samples The authcodegrant samples were initially meant to be very simple demonstration of authorization code flow. However, it has become obvious since then that the real intent of the demo is how to use the WebClient with OAuth (there is no other reason to do authorization code flow unless you use the token to make a request). The samples have been migrated to oauth2webclient and oauth2webclient-webflux respectively. They have been improved: * The sample demonstrates usage with annotations, webclient directly, form login oauth2Login, and public APIs * The samples externalize the endpoint that is requested in the sample making it easier to try other endpoints * The UI no longer relies on a data structure for the result of the endpoint also making it easier to try other endpoints Issue: gh-4921
2018-09-07 04:10:31 +08:00
Log in using *'user'* (username) and *'password'* (password) or click the link to authenticate with GitHub and then you'll be redirected to GitHub for authentication.
Add authcodegrant-webflux sample Issue: gh-5620
2018-08-02 01:44:19 +08:00
After authenticating with your GitHub credentials, the next page presented to you is "Authorize application".
This page will ask you to *Authorize* the application you created in the previous step.
Click _Authorize application_ to allow the OAuth application to access and display your public repository information.