I am working on a project to implement spring boot authorization server using federated login google and Facebook.
I have successfully login using google and Facebook, and store user information in database also, it works fine for me.
Now I am facing an issue, In this project after login using Facebook/google I need to get a jwt token with user information in that token.so that I can use that token in other microservices.
I don't know how to get that .
Any help appreciated.
Thank You
Related
I am trying to build a Vaadin/Spring application that would allow the users to log in either using a username/password that I store in a DB (this part I got covered with a CustomAuthenticatorProvider), or by clicking a button that would be "Login in with your Twitch account" and that would perform the auth using oauth2 on Twitch.
For this part, I am not able to find any solution...do I have to create another CustomAuthenticatorProvider? Is there a way to use the built-in oauth2 from Spring?
Can anyone help?
Thanks!
You can use the Spring Security OAuth 2.0 client with a Vaadin app. Here's a link to a tutorial with a demo app.
Info
I'm looking for some clearification for using the Socialite package in a Lumen project. I want to use OAuth2 so users can authenticate with theire Google, Facebook or other social account on our applications.
To my understanding Socialite redirects to a page of the selected provider, asks the user for permission and return to the application with the authenticated user object. I made a base setup with a Laravel application and this all works fine.
The problem
I have an authentication API (Lumen based) where user credentials are validated. This is only a backend service. The actual user credentials are received from different front-ends (applications). Do the frontends need to implement OAuth2 / Socialite and send the social user details to my authorisation API or can the API arrange the whole OAuth2 process?
I don't quite get it how the redirection should take place in an if the whole flow is arranged by the API? There is a stateless() option available in socialite and i found some information where socialite is used in Lumen but then i don't get the whole redirect / authentication flow.
Options
Different optios
Like to hear from users if this option is possible, hope my question is clear. :)
Just to update on my own question;
After some research i found the flow to be like this:
-> Frontend handles the user request to be authorised by Oauth2 with a specific provider. (we get redirected to a page of the provider asking about permission for this application). This can be done with socialite (in case of Laravel) or any other package for a specific framwework.
-> An Access token is received by the frontend and send to our Lumen backend service. Here we can use Socialite again to get the user details for this access token. The user details can then be used to create a new user or attach a social login to an existing user. When access token is valid and user is created or found in existing user, the user can proceed in the application.
Hope to help someone in the future with the same questions :)
I am trying to make a mobile app in React-Native and Server in Spring-Boot which have a OAuth2 implemented API endpoints.
My question is how can I integrate Social Logins into my React-Native app which in save a user in my user table. apart from Social login I am using naive register/login flow which require username/password to provide access token from OAuth2 Server. How can I do the same with Just Social Login without prompting user any password or other extra information.
any general solution for this will help regardless of tech I am using.
Thanks
Usually when using social networks to login/sign up you'll get a token returned in your app which you can send via your REST API and on your backend it can then retrieve the users information from the social platform used depending on the granted scopes(e-mail, username, etc...) and store the retrieved values in the database.
Thats basically how it works in general, but if you want to have more information you probably still need to share some more info about your tech used.
Hopefully that helped you out ;)
I am trying to use spring social for my REST services and my mobile app.
I wonder what the best approach is.
I am planning to use linkedin, google login and password authentication inside my mobile app. This social login should be connected to users in my database.
My spring application will act as an API which should be secured with a JWT token. The mobile app will afterwards use this JWT token to consume the API.
On my mobile I would like to have the possibility to sign up/sign in with linkedin, facebook or password.
As far as I understood mobile requires a different oauth flow than described in https://spring.io/guides/tutorials/spring-boot-oauth2/
Seems like it required the "Proof Key for Code Exchange" flow as stated in:
https://auth0.com/docs/api-auth/grant/authorization-code-pkce
Is this correct? I didn't find any information how to best do this with spring social and if spring social supports this use case.
Could someone point me in the right direction? I just found information how to do this with single page application and not with mobile applications. Thanks a lot in advance!
One possible way would be
The mobile app uses LinkedIn or Google's SDK to do SSO to retrieve an authN token.
The mobile app passes it to the backend service, which uses it to retrieve user details (e.g email) from the oauth service.
The backend service could do additional work about the user details (for example, link with existing users).
The backend service returns a JWT token to the mobile app, which ends the SSO.
The SSO should be able to return an email address for you to link users. Sometimes you need to apply for the permission explicitly (which Facebook requires).
The key point of this approach is that it avoids using the OAuth2 library completely in your backend services because it is now handled in the mobile app by using SSO provider's SDK.
The flow is summarized in the following drawing:
========
Edited:
We used this approach to do Facebook SSO with one mobile app and it worked very well. The mobile app was in iOS, and the backend service Spring Boot.
Discussion is welcomed.
I am using Laravel 5.1 and Stormpath for User management.
I followed this documentation to implement google login
Configuring Your Social Provider = DONE
I created project in Google Console and in “Authorized redirect URIs” I've added
https://{DNS-LABEL}.apps.stormpath.io/authorize/callback
Create a Stormpath Social Directory = DONE
Initiate Social Login - In my form when I click on Google Sign In it redirects to
https://{DNS-LABEL}.apps.stormpath.io/?response_type=stormpath_token&
account_store_href=https://api.stormpath.com/v1/directories/{id}
&redirect_uri=https%3A%2F%2Flocalhost
and returns
{"status":404,"message":"Resource not found."}
As per this documentation:
The user clicks on a “Login with Google” link pointing at your application’s /authorize endpoint
Stormpath handles the login to Google and redirects the user back to your app with a Stormpath Token JWT response
What am I doing wrong? Why isn't stormpath redirecting to the google login page?
It looks like the URL that you are creating is missing the /authorize part. If you update your URL to be
https://{DNS-LABEL}.apps.stormpath.io/authorize?response_type=stormpath_token&
account_store_href=https://api.stormpath.com/v1/directories/{id}
&redirect_uri=https%3A%2F%2Flocalhost
It should begin working for you.
In a future release of the PHP SDK (which powers the laravel integration), we will be able to generate this URL for you.
If you are using our Stormpath/Laravel integration, the views provided will automatically handle social logic for you. If you are doing this from scratch, it may be worth a look at https://github.com/stormpath/stormpath-laravel
-Brian