diff --git a/springBootBlog/README.md b/springBootBlog/README.md index d88ed1673..d24b2d919 100644 --- a/springBootBlog/README.md +++ b/springBootBlog/README.md @@ -146,4 +146,4 @@ nohup java -jar target/mdblog-0.0.1-SNAPSHOT.jar & - Fix bugs - logout, login again, redirect to wrong pages - FE App (Blog service V2) -- 404, 500 ... html, custom error msg \ No newline at end of file +- 404, 500 ... html, custom error msg diff --git a/springBootBlog/doc/ref.md b/springBootBlog/doc/ref.md index beb3e2ded..ea643d0ba 100644 --- a/springBootBlog/doc/ref.md +++ b/springBootBlog/doc/ref.md @@ -8,5 +8,11 @@ Markdown blog from below post series - [Build a Markdown-based Blog with Spring Boot - Part 5](https://www.roshanadhikary.com.np/2021/07/build-a-markdown-based-blog-with-spring-boot-part-5.html) - [Build a Markdown-based Blog with Spring Boot - Part 6](https://www.roshanadhikary.com.np/2021/07/build-a-markdown-based-blog-with-spring-boot-part-6.html) - https://github.com/osopromadze/Spring-Boot-Blog-REST-API -- Commenting Functionality - - https://www.youtube.com/watch?v=if_R9__LUYY + - Commenting Functionality + - https://www.youtube.com/watch?v=if_R9__LUYY + +Apply Google OAuth key +- https://console.cloud.google.com/apis/dashboard?pli=1 +- https://console.cloud.google.com/apis/dashboard?project=spring-blog-auth +- https://www.linkedin.com/pulse/unlocking-world-web-authentication-create-google-login-pranav-sinha-rbrmf/ +- https://help.useteachify.com/zh-tw/article/google-1wcme41/ \ No newline at end of file diff --git a/springBootBlog/src/main/java/com/yen/mdblog/OAuth/CustomOAuth2User.java b/springBootBlog/src/main/java/com/yen/mdblog/OAuth/CustomOAuth2User.java new file mode 100644 index 000000000..ca93727ca --- /dev/null +++ b/springBootBlog/src/main/java/com/yen/mdblog/OAuth/CustomOAuth2User.java @@ -0,0 +1,39 @@ +package com.yen.mdblog.OAuth; + +// https://www.codejava.net/frameworks/spring-boot/oauth2-login-with-google-example + + +import java.util.Collection; +import java.util.Map; + +import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.oauth2.core.user.OAuth2User; + +public class CustomOAuth2User implements OAuth2User { + + private OAuth2User oauth2User; + + public CustomOAuth2User(OAuth2User oauth2User) { + this.oauth2User = oauth2User; + } + + @Override + public Map getAttributes() { + return oauth2User.getAttributes(); + } + + @Override + public Collection getAuthorities() { + return oauth2User.getAuthorities(); + } + + @Override + public String getName() { + return oauth2User.getAttribute("name"); + } + + public String getEmail() { + return oauth2User.getAttribute("email"); + } + +} diff --git a/springBootBlog/src/main/java/com/yen/mdblog/config/OAuthSecurityConfig.java b/springBootBlog/src/main/java/com/yen/mdblog/config/OAuthSecurityConfig.java index 5453a7f54..0a6b547b5 100644 --- a/springBootBlog/src/main/java/com/yen/mdblog/config/OAuthSecurityConfig.java +++ b/springBootBlog/src/main/java/com/yen/mdblog/config/OAuthSecurityConfig.java @@ -2,7 +2,8 @@ // social login : https://youtu.be/us0VjFiHogo?t=241 -import com.yen.mdblog.handler.MyLogoutHandler; +//import com.yen.mdblog.handler.MyLogoutHandler; +import com.yen.mdblog.service.CustomOAuth2UserService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @@ -22,8 +23,11 @@ @EnableWebSecurity public class OAuthSecurityConfig { +// @Autowired +// MyLogoutHandler myLogoutHandler; + @Autowired - MyLogoutHandler myLogoutHandler; + CustomOAuth2UserService customOAuth2UserService; // in memory user // https://www.youtube.com/watch?v=66DtzkhBlSA&t=515s @@ -82,6 +86,7 @@ SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws Except }) .formLogin(Customizer.withDefaults()) .oauth2Login(Customizer.withDefaults()) + //.userDetailsService(customOAuth2UserService) .build(); } diff --git a/springBootBlog/src/main/java/com/yen/mdblog/service/CustomOAuth2UserService.java b/springBootBlog/src/main/java/com/yen/mdblog/service/CustomOAuth2UserService.java new file mode 100644 index 000000000..762584712 --- /dev/null +++ b/springBootBlog/src/main/java/com/yen/mdblog/service/CustomOAuth2UserService.java @@ -0,0 +1,9 @@ +package com.yen.mdblog.service; + +import org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest; +import org.springframework.security.oauth2.core.user.OAuth2User; + +public interface CustomOAuth2UserService { + + public OAuth2User loadUser(OAuth2UserRequest userRequest); +} diff --git a/springBootBlog/src/main/java/com/yen/mdblog/service/impl/CustomOAuth2UserServiceImpl.java b/springBootBlog/src/main/java/com/yen/mdblog/service/impl/CustomOAuth2UserServiceImpl.java new file mode 100644 index 000000000..c224383bc --- /dev/null +++ b/springBootBlog/src/main/java/com/yen/mdblog/service/impl/CustomOAuth2UserServiceImpl.java @@ -0,0 +1,21 @@ +package com.yen.mdblog.service.impl; + +import com.yen.mdblog.OAuth.CustomOAuth2User; +import com.yen.mdblog.service.CustomOAuth2UserService; +import org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService; +import org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService; +import org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest; +import org.springframework.security.oauth2.core.OAuth2AuthenticationException; +import org.springframework.security.oauth2.core.user.OAuth2User; +import org.springframework.stereotype.Service; + +@Service +public class CustomOAuth2UserServiceImpl extends DefaultOAuth2UserService implements CustomOAuth2UserService { + + @Override + public OAuth2User loadUser(OAuth2UserRequest userRequest) throws OAuth2AuthenticationException { + OAuth2User user = super.loadUser(userRequest); + return new CustomOAuth2User(user); + } + +} diff --git a/springBootBlog/src/main/resources/application.properties b/springBootBlog/src/main/resources/application.properties index d9297233e..abf36f50f 100644 --- a/springBootBlog/src/main/resources/application.properties +++ b/springBootBlog/src/main/resources/application.properties @@ -22,4 +22,8 @@ spring.security.oauth2.client.registration.github.clientSecret= # google login # custom error html -server.error.path=/error \ No newline at end of file +server.error.path=/error + +# google OAuth2 +spring.security.oauth2.client.registration.google.client-id=678951533842-l987a5fs2p3pnpdkkf1sin07gjqnovrq.apps.googleusercontent.com +spring.security.oauth2.client.registration.google.client-secret= \ No newline at end of file diff --git a/springBootBlog/src/main/resources/application.yml b/springBootBlog/src/main/resources/application.yml index 187cd6a69..2f97c13b2 100644 --- a/springBootBlog/src/main/resources/application.yml +++ b/springBootBlog/src/main/resources/application.yml @@ -2,4 +2,14 @@ Spring: mvc: hiddenmethod: filter: - enabled: true # enable form (表單) REST function \ No newline at end of file + enabled: true # enable form (表單) REST function +# security: +# oauth2: +# client: +# registration: +# google: +# clientId: 678951533842-l987a5fs2p3pnpdkkf1sin07gjqnovrq.apps.googleusercontent.com +# clientSecret: +# scope: +# - email +# - profile \ No newline at end of file