DEV Community: Shivam Yadav

OAuth2 Spring Boot GitHub Authentication

Shivam Yadav — Sat, 18 Jan 2025 18:04:44 +0000

We are going to create a user login functionality using the OAuth2 dependency of Spring. I am using Java SE21 and Spring Boot 3.4.1 version.

I have referred the Dan Vega's Youtube video for this demonstration.

Let's start...

Step 1: We need two dependencies for this project in our pom.xml: Spring Web and OAuth2 Client

<dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-oauth2-client</artifactId>
</dependency>
<dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
</dependency>

Step 2: Let's create a RestController for the public and secured endpoints as shown below.

package com.sky.cob_service.controller;

import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class COBController {

    @GetMapping("/")
    public String cobHome() {
        return "Welcome to COB Public Home Page";
    }
    @GetMapping("/COBPrivateHome")
    public String cobPrivateHome() {
        return "Welcome to COB Private Home Page";
    }
}

One thing to note here is that we get Spring Security on classpath in this application as we have included the OAuth2 client dependency. Hence, when we start the application we get the below plain login screen by default.

Step 3: To override the default username and password of Spring Security we need to create a custom Spring Security Configuration.

ackage com.sky.cob_service.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
@EnableWebSecurity
public class COBSecurityConfig {

    @Bean
    SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        return http
                .authorizeHttpRequests(auth -> {
                    auth.requestMatchers("/").permitAll();
                    auth.anyRequest().authenticated();
                })
                .oauth2Login(Customizer.withDefaults())
                .formLogin(Customizer.withDefaults())
                .build();
        }
}

Step 4: In order to configure the GitHub OAuth Login in our application, we will first create a secret by logging into GitHub Account and navigate to below path.

Create a secret and fill in the details for homepage url and callback url as below.

Note: Callback URL is the one that needs to be used as it is.

Step 5: Last step is to provide the client-id and client-secret created in Step 4 for GitHub OAuth in our application.properties file.

server.port=8763

logging.level.org.springframework.security=TRACE

#github login
spring.security.oauth2.client.registration.github.client-id=
spring.security.oauth2.client.registration.github.client-secret=

Finally, to test everything is working fine. Just hit the localhost:8763 URL and see you will get your public home page by default.

Now, try hitting the secured private endpoint mentioned in the RestController.

http://localhost:8763/COBPrivateHome

It will redirect you to the login page showing both password based and GitHub OAuth based Login methods.

Go ahead with the GitHub login and you will see the private home page content displayed once you are logged in via your GitHub Account.

Thanks for reading till the end. See you in the next one!

Microservices Part 01: Creating Service Registry Application

Shivam Yadav — Thu, 16 Jan 2025 19:05:32 +0000

In order to create a Microservices Application we will first require a Service Registry which is nothing but a special kind of microservice that will have a list of microservices registered inside it.

There are total three steps to create a Service Registry.

Step1: We are going to write our Service Registry microservice application using the spring-cloud-starter-netflix-eureka-server dependency.

<project xmlns="http://maven.apache.org/POM/4.0.0"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>3.4.1</version>
        <relativePath/> <!-- lookup parent from repository -->
    </parent>
    <groupId>com.sky</groupId>
    <artifactId>service-registry</artifactId>
    <version>1.0</version>
    <name>service-registry</name>
    <description>Registry for Job Portal Application</description>
    <url/>
    <licenses>
        <license/>
    </licenses>
    <developers>
        <developer/>
    </developers>
    <scm>
        <connection/>
        <developerConnection/>
        <tag/>
        <url/>
    </scm>
    <properties>
        <java.version>21</java.version>
        <spring-cloud.version>2024.0.0</spring-cloud.version>
    </properties>
    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-starter-netflix-eureka-server</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>
    </dependencies>
    <dependencyManagement>
        <dependencies>
            <dependency>
                <groupId>org.springframework.cloud</groupId>
                <artifactId>spring-cloud-dependencies</artifactId>
                <version>${spring-cloud.version}</version>
                <type>pom</type>
                <scope>import</scope>
            </dependency>
        </dependencies>
    </dependencyManagement>

    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
            </plugin>
        </plugins>
    </build>

</project>

service-registry/pom.xml

Step 2: Now, we need to also include the annotation @EnableEurekaServer to notify that this particular application will act as a Registry Server.

package com.sky.service_registry;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cloud.netflix.eureka.server.EnableEurekaServer;

@SpringBootApplication
@EnableEurekaServer
public class ServiceRegistryApplication {

    public static void main(String[] args) {
        SpringApplication.run(ServiceRegistryApplication.class, args);
    }

}

service_registry/ServiceRegistryApplication.java

Step 3: We need to also specify the below details. To tell Spring to not register this application as a microservice. As all the other microservices will be registered inside this special microservice.

spring.application.name=service-registry
server.port=8761

eureka.instance.hostname=localhost
eureka.client.register-with-eureka=false
eureka.client.fetch-registry=false

/service-registry/src/main/resources/application.properties

Step 4: We will create a new microservice and try to register it in the Service Registry that was created in the previous steps.

We need to add the spring-cloud-starter-netflix-eureka-client dependency in our pom.xml of the new microservice in order to make it available/discoverable for registeration in the Service Registry.

    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-starter-netflix-eureka-client</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>
    </dependencies>

Step 5: Also, we have to add below configuration for newly created microservice to specify the url for eureka server i.e. our Service Registry.

spring.application.name=job-search-service
server.port=8762

eureka.client.service-url.defaultZone=http://localhost:8761/eureka

Step 6: Now, make sure the Service Registry and the newly created microservice is running. To validate if the registration is success we can go to the Eureka Server URL(http://localhost:8761/) and locate the new microservice name there as shown in below snapshot.

Stay tuned for the next part of the Microservices Blog.
Thanks for reading!