Implementing login with Facebook and Github from scratch - Java Brains
HTML-код
- Опубликовано: 5 дек 2019
- In this tutorial, we'll implement a Spring Security application from scratch and implement a login with Facebook / Github feature using OAuth SSO. You'll understand how OAuth can be used for authentication and some disadvantages of the approach.
Spring OAuth Guide: spring.io/guides/tutorials/sp...
Java Brains website: javabrains.io
#JavaBrains #BrainBytes #HowTo #SpringSecurity #Spring #SpringBoot #JWT #Java #Tutorial
Bravo!!! You're not only a developer, but also a teacher. I just completed your well-detailed spring security series. Thanks
It is always my first suggestion to my friends and colleagues who wants to learn spring hibernate is to watch Javabrains.
I liked the way you explain stuff, makes it so simple!
Awesome .... Your notification make me working day in weekend
kaushik, you are the best. saw the complete series of 3 videos on OAuth 2.0 and I feel pretty confident now on how it works. Please keep making such videos. Proud of you!!
Everyone has knowledge but this guy has skill to deliver that knowledge so that anyone can easily understand. I am impressed with your teaching skill .Hope for your better scope.
Thanks a lot for all these hard work. Waiting for openid connect next in this series
I just love the way you teach
It's pretty cool and simple way to authorize clients.. Thanks Khoushik sir 🙂🙏
Great series for Spring security 👍 Thank you👍
Please continue micro services series
Thank you java brains for this series. the concepts were broken down so well making them easy to understand.
thanks for the video sir, awaited playlist
You are doing great job, Sir. It would be a great honor if you make a full project using spring boot, microservice, (e.g management system related).
Man, awesome series about auth you have done!!
Great content and clear explanation on each topic... thanks a lot!
I really like the way you teach, following you since javascript for developer series!
I just wish you did more python videos, we need more pythonbrains
You are very good at this. I hope it is rewarding, and not just in an emotional sense. Keep it up.
too good, the specially the examples used and explained are very easy to understand
Your content is gold thank you sir
hang on a sec 😂, I like the way you start this topic.. you are a great teacher 👍
Thanks a lot sir.I'm searching your face behind your sound.But in this video i'm become so happy after seeing your face.I think genuine concept about Spring security will be complete by following your lectures. Great Job Sir.
woh woh woh!!! you are great sir... watched all your videos from spring to spring boot to microservice to spring security.... oH ho!!! you are a great man.. thank you for sharing your great knowledge.. looking forward to learn more from you.. :)
"Let's pick the latest version...it's GOOD ENOUGH" made smile ;)
Excellent and wonderful teaching style, soothing voice and superior explanation. Keep up your hard work, If possible start series on ONAP.
Thank you so much sir for providing such kind of great content with clear concepts!
Watch from 7th minute if you know what is oath otherwise don't skip he explained very well what is oath
Such an easy explanation !
You are outstanding kaushik...
Simply..... WoW !
this is exactly i was looking for. thanks
Love you Darling....You are a true legend who has super duper clarity on each topic.
I have went through all the Spring security videos and loved it. Please create new video on the Intermediate and Advanced series for Spring Security.
Hi Kaushik !! you are doing a great job, I gone thorough your videos related to Spring Security, and it was ultimate where you made my concept related to Authentication more clear by creating example with .. InMemory, Jdbc..etc. even before you made animation which was quite helpful to understand how AuthenticationManager works with different AuthenticationProvide Implementation.
Can you create few videos on AuthroizationServer in same way to get understand flow of accesstoken and its implementation, so that we can generate accesstoken/refreshtoken and validate users.
Great content
good series, thank you
Koushik Sir, It takes a lot to research on and present it this with level of articulation. I have learned a lot from your videos. I was able to switch jobs because of you. Many congratulation and THANK YOU(Pls, Assume this thank you is written in bold and biggest font size ever :P)
well done kaushik
what a nice video!
Thanks!!! It's really easy to understand and I could follow up to write running code! I hope you can make a video about how to setup an Oauth server
Koushik tech tips.... 😁
Getting better at speaking in front of the camera, man! Thanks for all the awesome tutorials!
Please make a video on websockets because I would rely on no other source than Java Brains :-)
Thanks again!!!
Thank you so much sir for an amazing series. Please also make videos on Payment gateways with spring boot.
Nice Oauth overview but as you might have noticed OAuth2 is also available for spring security what major differences can you tell there are with OAuth and OAuth2. Why did you go with Oauth instead of OAuth2. Thanks again :)
Hi .. this is excellent tutorial!!!!
Could you pls also create video on the Spring boot app +docker+kubernetes .
Awesome series, I am a better developer now.
Could you please add a video on openid connect as spring has deprecated many of oauth classes
Thank you Koushik
A very nice explanation.
Recently I got a chance to visit Germany for Working purpose, I was happy as well as surprised to see that many people in Germany follow your tutorial.
But I was really sad to hear that, they are not able to pronounce your name correctly!!!!!!!
Hi Kaushik, Could you please include the best way to initialize the DB parameters and DB pooling in Springboot?
Thank you!
I always ask my friends to go to javabrains on youtube to learn spring security. I am sure you would agree with me sir that this series is incomplete without custom auth server and resource server tutorials. I watched various videos but nobody explains the way you do, Sir. I have been waiting for that for so long. Plz make videos on custom resource owner password grant flow, custom authorization code grant flow and custom client credentials grant flow.
I agree with you and am myself waiting for the videos on custom authorization server, resource server and OAuth implementation
Hi Kaushik, your tutorial series is just great. I have learnt a lot from your videos. Now I'm asking for a bit more. I don't know if its possible but looking for something where a think client java application ( swing, fx , or Eclipse RCP) can be integrated with google authentication. It's like a valid google user can login to an application installed on a PC ( Non Browser ...no Html/javascript) . I know it may sound a bit outdated but if you could provide me with some help . thanks
This is a great video.. I got a clear idea about OAuth. I have a request please make a spring boot authentication with Microsoft Entra ID with Azure API Gateway Management.
come on Javabrains load them all..... Neo in making here
Hello Koushik! I love your classes, could you make a video about oauth2, implementing a resource and authorization server with spring?
how will we map custom roles/permissions that spring app would require after authentication e.g to allow certain features only to specific type of users
Thank you Kaushik .. it seems @EnableOAuth2Sso is deprecated, could you please update this tutorial accordingly.. thanks in advance.
Nice explanation.. please upload SAML authentication also
Thank You :)
Waiting for next videos kaushik.
Thank you for the tutorials. Great analysis.
Could you please share the github repo for this ?
How exactly to handle clientSecret? Should we put it in a db instead of a properties file? Or are there more secure ways to store them?
Hi kaushik,
U didn't tell how to create a GitHub app and I m little confused with the same. Could you please help me
Great Content Sir.
I am however getting an error when i try to use @EnableOAuth2Sso with SecurityFilterChain instead of WebSecurityConfigurerAdapter (since this is deprecated) as the annotation is somehow invoking webSecurityConfigurerAdapter. the error is get is
"Found WebSecurityConfigurerAdapter as well as SecurityFilterChain. Please select just one."
Can you please suggest a workaround for it?
TIA
Regards
Aabid
I was more curious to see how you persist the token for micro service inter communication. Who maintains the timeout, do client/micro service probe to authentication service for validity of the token when the intercommunication between the micro service happens.
wat if want to provide options for Both FB and GITHUB authentication and my own implementation too i.e . basic authentication
Please help
what if in my application let's say I am implementing the oauth using google for SIGN UP and when the user gets signup using the google auth and then the google auth will only give me the email id of the user then how I am going to implement the Authorization in my application like role based giving access to different users according to their roles.
Hi Koushik. I connect to the Internet through a proxy. In that case, should I make any changes to "application.yml"?
Thanks for the class, very informative, i have one query, where i can i find the code for this implementation. i am not clear what all the details client needs to store for subsequent request and where will one get that from in code. how to manage multi user use case.
@JavaBrains: Thank you for the nice tutorial. I have successfully implemented with the facebook authorization. I have also implemented with the github and authorization screen comes up but after that error happens.
After removing the propery "authenticationScheme: query". everything works fine.. :)
thanks bro, i had the same issue.
Hi Kaushik, please add more tutorials for authentication in micro services using open id connect
Hi there, nice tutorial!!!
Question, how do I make a call from the Postman Application? Use the Basic Authentication with username and password?
Do I get a token back? if yes, how do I use that token with Postman?
thx, Markus.
Hi Sir
Suppose we configure both Google and Facebook in the properties file if we hit localhost:8080 which page will be shown Google or Facebook page?
how can i make a button that says "login with google" "login with fb" and after that button's click i go to the login page of face book where it says "continue as kaushik", please help with this
Love from Canada #Kaushikno1fan
It appears that the maven dependency is deprecated (at least the annotation for SSO)
What to do then?
@@amritnalam9994 github.com/sreddyiitr/spring-oauth2-authentication. I followed spring.io/guides/tutorials/spring-boot-oauth2 to write it
Because of deprecated spring-boot-security, there is a new spring-security (5.0+) version. But no idea, how to implement it there. If someone has an idea, please contact me.
Great video! I have a question: does every person using this application has to beforehand go into their facebook account and allow this application? How can this be used by customers of the product?
OAuth itself is used for authorization. If Oauth is used for authentication like this, is it equivalent to SSO?
thank u
What about the situation if I don't have a UI and the user still wants to access resource server info. How to get the authorization then as without user interaction. User wont be able to enter his credentials in redirected url?
I am confused now,
Q1: is API call to Google drive is happening from browser or happening from Server(backend) hosting the Photo print Service application?
Q2: Suppose if the call happening from backend how does the user will select which picture he want to choose from google drive?
Someone pls help me answer this
How to authorize by using this approach like role base authorization?
I tried using spring-security-oauth2-autoconfigure version 2.2.4 dependency. @EnableOAuth2Sso is deprecated. Or is it compulsory to use v2.1.8?
Same issue here and also getting "Missing tokenInfoUri and userInfoUri and there is no JWT verifier key" while starting up the application. Did you make some changes to the application.yml file?
@@utkarshgupta8061 I have the same problem. Did you find by any chance a solution?
@@oleglitovka2286 Nope, I didn't.
@@utkarshgupta8061 Because of deprecated spring-boot-security, there is a new spring-security (5.0+) version. But no idea, how to implement it there. If someone has an idea, please contact me.
If the user doesn't ve account in Facebook or Github, what type of error it will shows...?
Heyy Kaushik !! one more request, if possible can you create series on SpringTransaction. I didn't find any well explained tuto video on youtube related to SpringTransaction.
Hi Koushik I have tried oauth2 Facebook example and followed all the steps as u mentioned in this video but still I am getting org.springframework.security.client.resource.UserRedirectedRequiredException:ARedirect id required to get the user approval
So could u please help me with that
Hi Sir, could you help me with implement login with Okta feature using OAuth SSO in my Non-Boot web application? I will share my sample project code with you wherein I am trying to integrate using online articles
great video , but how to integrate this functionality with angular ?
Hi, let's say I have own jwt authentication login system already and I want to add this login with Facebook as well. How can I do that
Did you find the answer? I have the same question)
Can you explain the process of saving an OAuth2 user along with a normal user in a database?
Can we have both Google and Facebook authentication and then the user can choose which one to authenticate with?
Please make tutorial how to set up few logging providers in one app (for example google and facebook). And if possibly how to bind it with custom user database in REST environment.
Man... I am preparing for a senior interview and this is just part I am trying to cover.... Because your way of teaching twist in the climax of videos...ending up continue watching...lol...
First time i created and the application worked as expected but next getting the following error. Can someone help me on this.
Further my html page is not getting hooked up.
UserInfoTokenServices : Could not fetch user details: class org.springframework.web.client.HttpClientErrorException$NotFound, 404 Not Found: [{"error":{"message":"(#803) Some of the aliases you requested do not exist: mem","type":"OAuthException","code":803,"fbtrace_id":"AZ6NSc-_Q_1jOir87Z4nUFh"}}]
if one goes to tutorial at Spring.io, he will find that the yaml looks like:
spring:
security:
oauth2:
client:
registration:
github:
so it has two more lines not present in Koushik's tutorial:
registration:
github:
I wonder if we have to constantly check if the Spring configuration has changed, otherwise our app will get broken
When I tried logging in using the Facebook OAuth for the first time, I experienced error: "Something went wrong" on FB side and when I click back, it prompted to Hello User page. :D
I think this should be fine?
big problem is .......how connect microservice oauth2-jwt with Angular ...??...!!!.....is i need to setup Client Id & Pass,Username&Pass in Angular app OR setup OAuth SSO in zuul....!!!
I recommend checking out the link in the description for Spring OAuth guides. It does a detailed job explaining these scenarios, and I don't plan to cover videos for all of them.