blog-dev-010-add-google-auth - Add google login

springBootBlog/README.md

@@ -146,4 +146,4 @@ nohup java -jar target/mdblog-0.0.1-SNAPSHOT.jar &
 - Fix bugs
   - logout, login again, redirect to wrong pages
 - FE App (Blog service V2)
-- 404, 500 ... html, custom error msg
+- 404, 500 ... html, custom error msg

springBootBlog/doc/ref.md

@@ -8,5 +8,11 @@ Markdown blog from below post series
   - [Build a Markdown-based Blog with Spring Boot - Part 5](https://www.roshanadhikary.com.np/2021/07/build-a-markdown-based-blog-with-spring-boot-part-5.html)
   - [Build a Markdown-based Blog with Spring Boot - Part 6](https://www.roshanadhikary.com.np/2021/07/build-a-markdown-based-blog-with-spring-boot-part-6.html)
   - https://github.com/osopromadze/Spring-Boot-Blog-REST-API
-- Commenting Functionality
-  - https://www.youtube.com/watch?v=if_R9__LUYY
+  - Commenting Functionality
+    - https://www.youtube.com/watch?v=if_R9__LUYY
+
+Apply Google OAuth key
+- https://console.cloud.google.com/apis/dashboard?pli=1
+- https://console.cloud.google.com/apis/dashboard?project=spring-blog-auth
+- https://www.linkedin.com/pulse/unlocking-world-web-authentication-create-google-login-pranav-sinha-rbrmf/
+- https://help.useteachify.com/zh-tw/article/google-1wcme41/

springBootBlog/src/main/java/com/yen/mdblog/OAuth/CustomOAuth2User.java

@@ -0,0 +1,39 @@
+package com.yen.mdblog.OAuth;
+
+// https://www.codejava.net/frameworks/spring-boot/oauth2-login-with-google-example
+
+
+import java.util.Collection;
+import java.util.Map;
+
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.oauth2.core.user.OAuth2User;
+
+public class CustomOAuth2User implements OAuth2User {
+
+    private OAuth2User oauth2User;
+
+    public CustomOAuth2User(OAuth2User oauth2User) {
+        this.oauth2User = oauth2User;
+    }
+
+    @Override
+    public Map<String, Object> getAttributes() {
+        return oauth2User.getAttributes();
+    }
+
+    @Override
+    public Collection<? extends GrantedAuthority> getAuthorities() {
+        return oauth2User.getAuthorities();
+    }
+
+    @Override
+    public String getName() {
+        return oauth2User.getAttribute("name");
+    }
+
+    public String getEmail() {
+        return oauth2User.<String>getAttribute("email");
+    }
+
+}

springBootBlog/src/main/java/com/yen/mdblog/config/OAuthSecurityConfig.java

@@ -2,7 +2,8 @@
 
 // social login : https://youtu.be/us0VjFiHogo?t=241
 
-import com.yen.mdblog.handler.MyLogoutHandler;
+//import com.yen.mdblog.handler.MyLogoutHandler;
+import com.yen.mdblog.service.CustomOAuth2UserService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -22,8 +23,11 @@
 @EnableWebSecurity
 public class OAuthSecurityConfig {
 
+//    @Autowired
+//    MyLogoutHandler myLogoutHandler;
+
     @Autowired
-    MyLogoutHandler myLogoutHandler;
+    CustomOAuth2UserService customOAuth2UserService;
 
     // in memory user
     // https://www.youtube.com/watch?v=66DtzkhBlSA&t=515s
@@ -82,6 +86,7 @@ SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws Except
                 })
                 .formLogin(Customizer.withDefaults())
                 .oauth2Login(Customizer.withDefaults())
+                //.userDetailsService(customOAuth2UserService)
                 .build();
     }
 

springBootBlog/src/main/java/com/yen/mdblog/service/CustomOAuth2UserService.java

@@ -0,0 +1,9 @@
+package com.yen.mdblog.service;
+
+import org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest;
+import org.springframework.security.oauth2.core.user.OAuth2User;
+
+public interface CustomOAuth2UserService {
+
+    public OAuth2User loadUser(OAuth2UserRequest userRequest);
+}

springBootBlog/src/main/java/com/yen/mdblog/service/impl/CustomOAuth2UserServiceImpl.java

@@ -0,0 +1,21 @@
+package com.yen.mdblog.service.impl;
+
+import com.yen.mdblog.OAuth.CustomOAuth2User;
+import com.yen.mdblog.service.CustomOAuth2UserService;
+import org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService;
+import org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService;
+import org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest;
+import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
+import org.springframework.security.oauth2.core.user.OAuth2User;
+import org.springframework.stereotype.Service;
+
+@Service
+public class CustomOAuth2UserServiceImpl extends DefaultOAuth2UserService implements CustomOAuth2UserService {
+
+    @Override
+    public OAuth2User loadUser(OAuth2UserRequest userRequest) throws OAuth2AuthenticationException {
+        OAuth2User user =  super.loadUser(userRequest);
+        return new CustomOAuth2User(user);
+    }
+
+}

springBootBlog/src/main/resources/application.properties

@@ -22,4 +22,8 @@ spring.security.oauth2.client.registration.github.clientSecret=
 # google login
 
 # custom error html
-server.error.path=/error
+server.error.path=/error
+
+# google OAuth2
+spring.security.oauth2.client.registration.google.client-id=678951533842-l987a5fs2p3pnpdkkf1sin07gjqnovrq.apps.googleusercontent.com
+spring.security.oauth2.client.registration.google.client-secret=

springBootBlog/src/main/resources/application.yml

@@ -2,4 +2,14 @@ Spring:
   mvc:
     hiddenmethod:
       filter:
-        enabled: true # enable form (表單) REST function
+        enabled: true # enable form (表單) REST function
+#  security:
+#    oauth2:
+#      client:
+#        registration:
+#          google:
+#            clientId: 678951533842-l987a5fs2p3pnpdkkf1sin07gjqnovrq.apps.googleusercontent.com
+#            clientSecret:
+#            scope:
+#              - email
+#              - profile