DEV Community

Cover image for OAuth 2.0 Authentication in Spring Boot: A Guide to Integrating Google and GitHub Login
Ayush Shrivastava
Ayush Shrivastava

Posted on

OAuth 2.0 Authentication in Spring Boot: A Guide to Integrating Google and GitHub Login

#ayshriv #java #oauth #security

Enhance Security with OAuth 2.0: Implementing Social Logins in Spring Boot

In the world of modern web development, securing your applications and making authentication as smooth as possible for users is a top priority. That’s where OAuth 2.0 comes in—it’s a powerful tool that not only helps secure your APIs but also lets users log in with their existing accounts from platforms like Google and GitHub. This makes things easier for everyone: users don’t need to remember yet another password, and developers get a reliable way to manage authentication.

In this blog, I’ll take you step by step through how to set up OAuth 2.0 in a Spring Boot application. We’ll be integrating both Google and GitHub for authentication, so your users can choose which service they want to use to log in. I’ll also show you how to protect your API endpoints using JWT (JSON Web Tokens), ensuring that only authenticated users can access the resources they’re supposed to.

Whether you’re building a new app or adding security to an existing one, this guide will give you the tools you need to keep your Spring Boot application secure and user-friendly.

Visit https://start.spring.io/

create the project

This project is a Spring Boot application that implements OAuth 2.0 authentication with JWT, integrating Google and GitHub as OAuth providers. It provides a secure and scalable solution for user authentication, allowing users to log in using their existing accounts. The application protects API endpoints, ensuring that only authenticated users have access to sensitive resources. Ideal for developers looking to enhance security and user experience in their web applications.

Download the zip and extract it and load the project to your IDE.

The "OAuth2 Client" dependency in Spring Boot simplifies integrating OAuth 2.0 authentication with providers like Google and GitHub. It handles the entire OAuth login flow, including redirecting users to the provider's login page, managing tokens, and securing API endpoints. By adding this dependency, you can easily enable secure and user-friendly authentication in your Spring Boot application.

The "Spring Web" dependency in Spring Boot is crucial for developing web applications. It provides essential features like RESTful API creation, MVC architecture support, and the ability to serve HTML views. With Spring Web, you can easily handle HTTP requests and responses, manage routing, and integrate with other Spring components, making it a foundational part of building robust web applications.

Application Configuration

To set up your Spring Boot application for OAuth 2.0 authentication with Google and GitHub, you'll need to configure the application.properties file. This file contains essential settings for your application, including OAuth client credentials, logging levels, and JWT configurations.

spring.application.name=oauth2-authentication-service
server.port=8000

#for google
spring.security.oauth2.client.registration.google.client-id=YOUR_GOOGLE_CLIENT_ID
spring.security.oauth2.client.registration.google.client-secret=YOUR_GOOGLE_CLIENT_SECRET

#for github
spring.security.oauth2.client.registration.github.client-id=YOUR_GITHUB_CLIENT_ID
spring.security.oauth2.client.registration.github.client-secret= YOUR_GITHUB_CLIENT_SECRET
Enter fullscreen mode Exit fullscreen mode

OAuth Client Configurations: Replace YOUR_GOOGLE_CLIENT_ID, YOUR_GOOGLE_CLIENT_SECRET, YOUR_GITHUB_CLIENT_ID, and YOUR_GITHUB_CLIENT_SECRET with the credentials you obtain from Google and GitHub when you register your application.

To register your application with Google and GitHub for OAuth 2.0 authentication, we need to go https://console.cloud.google.com

OAuth (Open Authorization) is an open standard protocol that enables secure authorization in a simple and standardized way from web, mobile, and desktop applications. It allows third-party services to exchange user information without exposing credentials like passwords. Instead, OAuth uses access tokens, which grant limited access to user resources. These tokens are issued by an authorization server upon user consent and can be used by client applications to access APIs securely. OAuth is widely used in modern applications to enable single sign-on (SSO), allowing users to log in using their accounts from platforms like Google, Facebook, or GitHub.

click on API Services

OAuth (Open Authorization) is an open standard protocol that enables secure authorization in a simple and standardized way from web, mobile, and desktop applications. It allows third-party services to exchange user information without exposing credentials like passwords. Instead, OAuth uses access tokens, which grant limited access to user resources. These tokens are issued by an authorization server upon user consent and can be used by client applications to access APIs securely. OAuth is widely used in modern applications to enable single sign-on (SSO), allowing users to log in using their accounts from platforms like Google, Facebook, or GitHub.

Credentials -> create Credentials -> OAuth client ID

OAuth (Open Authorization) is an open standard protocol that enables secure authorization in a simple and standardized way from web, mobile, and desktop applications. It allows third-party services to exchange user information without exposing credentials like passwords. Instead, OAuth uses access tokens, which grant limited access to user resources. These tokens are issued by an authorization server upon user consent and can be used by client applications to access APIs securely. OAuth is widely used in modern applications to enable single sign-on (SSO), allowing users to log in using their accounts from platforms like Google, Facebook, or GitHub.

OAuth client ID -> Create OAuth client ID

OAuth (Open Authorization) is an open standard protocol that enables secure authorization in a simple and standardized way from web, mobile, and desktop applications. It allows third-party services to exchange user information without exposing credentials like passwords. Instead, OAuth uses access tokens, which grant limited access to user resources. These tokens are issued by an authorization server upon user consent and can be used by client applications to access APIs securely. OAuth is widely used in modern applications to enable single sign-on (SSO), allowing users to log in using their accounts from platforms like Google, Facebook, or GitHub.

select Application type to web Application

OAuth (Open Authorization) is an open standard protocol that enables secure authorization in a simple and standardized way from web, mobile, and desktop applications. It allows third-party services to exchange user information without exposing credentials like passwords. Instead, OAuth uses access tokens, which grant limited access to user resources. These tokens are issued by an authorization server upon user consent and can be used by client applications to access APIs securely. OAuth is widely used in modern applications to enable single sign-on (SSO), allowing users to log in using their accounts from platforms like Google, Facebook, or GitHub.

give application name

OAuth (Open Authorization) is an open standard protocol that enables secure authorization in a simple and standardized way from web, mobile, and desktop applications. It allows third-party services to exchange user information without exposing credentials like passwords. Instead, OAuth uses access tokens, which grant limited access to user resources. These tokens are issued by an authorization server upon user consent and can be used by client applications to access APIs securely. OAuth is widely used in modern applications to enable single sign-on (SSO), allowing users to log in using their accounts from platforms like Google, Facebook, or GitHub.

set Authorized redirect URIs with this URL and here our application is running on 8000 port so application port is 8000. then click on create

http://localhost:8000/login/oauth2/code/google
Enter fullscreen mode Exit fullscreen mode

OAuth (Open Authorization) is an open standard protocol that enables secure authorization in a simple and standardized way from web, mobile, and desktop applications. It allows third-party services to exchange user information without exposing credentials like passwords. Instead, OAuth uses access tokens, which grant limited access to user resources. These tokens are issued by an authorization server upon user consent and can be used by client applications to access APIs securely. OAuth is widely used in modern applications to enable single sign-on (SSO), allowing users to log in using their accounts from platforms like Google, Facebook, or GitHub.

after that OAuth client is created and we get the client ID and the Client secret.

OAuth (Open Authorization) is an open standard protocol that enables secure authorization in a simple and standardized way from web, mobile, and desktop applications. It allows third-party services to exchange user information without exposing credentials like passwords. Instead, OAuth uses access tokens, which grant limited access to user resources. These tokens are issued by an authorization server upon user consent and can be used by client applications to access APIs securely. OAuth is widely used in modern applications to enable single sign-on (SSO), allowing users to log in using their accounts from platforms like Google, Facebook, or GitHub.

copy both and replace with the the properties of application.properties file

spring.security.oauth2.client.registration.google.client-id=YOUR_GOOGLE_CLIENT_ID
spring.security.oauth2.client.registration.google.client-secret=YOUR_GOOGLE_CLIENT_SECRET
Enter fullscreen mode Exit fullscreen mode

The SecurityConfig class configures security for a Spring Boot application using OAuth2. It defines a SecurityFilterChain bean, which sets up security rules. The authorizeHttpRequests method ensures that all incoming requests require authentication. The .oauth2Login(Customizer.withDefaults()) line enables OAuth2 login functionality with default settings. Finally, the securityFilterChain method returns the configured security filter chain by calling http.build(). This setup ensures that the application is secure and supports OAuth2 authentication for users.

Accessing Your Application via Chrome

When developing and testing your Spring Boot application, it's crucial to know how to interact with it through Postman. If your application is running locally on port 8000, you can access it using the following base URL:

http://localhost:8000
Enter fullscreen mode Exit fullscreen mode

OAuth (Open Authorization) is an open standard protocol that enables secure authorization in a simple and standardized way from web, mobile, and desktop applications. It allows third-party services to exchange user information without exposing credentials like passwords. Instead, OAuth uses access tokens, which grant limited access to user resources. These tokens are issued by an authorization server upon user consent and can be used by client applications to access APIs securely. OAuth is widely used in modern applications to enable single sign-on (SSO), allowing users to log in using their accounts from platforms like Google, Facebook, or GitHub.

we get the similar response like this

OAuth (Open Authorization) is an open standard protocol that enables secure authorization in a simple and standardized way from web, mobile, and desktop applications. It allows third-party services to exchange user information without exposing credentials like passwords. Instead, OAuth uses access tokens, which grant limited access to user resources. These tokens are issued by an authorization server upon user consent and can be used by client applications to access APIs securely. OAuth is widely used in modern applications to enable single sign-on (SSO), allowing users to log in using their accounts from platforms like Google, Facebook, or GitHub.

now we can access the end points.

GitHub Authentication

GitHub Authentication in Spring Boot allows users to log in using their GitHub accounts, streamlining the authentication process and enhancing security. By integrating GitHub as an OAuth 2.0 provider, your application can authenticate users through GitHub's trusted platform. This involves registering your application on GitHub to obtain a Client ID and Client Secret, which are then configured in your Spring Boot application. Users are redirected to GitHub for login, and upon successful authentication, they are redirected back to your application with an access token, allowing secure access to your protected resources. This integration is ideal for applications targeting developers and tech-savvy users.

create GitHub account and go to settings

OAuth (Open Authorization) is an open standard protocol that enables secure authorization in a simple and standardized way from web, mobile, and desktop applications. It allows third-party services to exchange user information without exposing credentials like passwords. Instead, OAuth uses access tokens, which grant limited access to user resources. These tokens are issued by an authorization server upon user consent and can be used by client applications to access APIs securely. OAuth is widely used in modern applications to enable single sign-on (SSO), allowing users to log in using their accounts from platforms like Google, Facebook, or GitHub.

in the left corner we get the developer settings

OAuth (Open Authorization) is an open standard protocol that enables secure authorization in a simple and standardized way from web, mobile, and desktop applications. It allows third-party services to exchange user information without exposing credentials like passwords. Instead, OAuth uses access tokens, which grant limited access to user resources. These tokens are issued by an authorization server upon user consent and can be used by client applications to access APIs securely. OAuth is widely used in modern applications to enable single sign-on (SSO), allowing users to log in using their accounts from platforms like Google, Facebook, or GitHub.

Navigate to OAuth Apps

OAuth (Open Authorization) is an open standard protocol that enables secure authorization in a simple and standardized way from web, mobile, and desktop applications. It allows third-party services to exchange user information without exposing credentials like passwords. Instead, OAuth uses access tokens, which grant limited access to user resources. These tokens are issued by an authorization server upon user consent and can be used by client applications to access APIs securely. OAuth is widely used in modern applications to enable single sign-on (SSO), allowing users to log in using their accounts from platforms like Google, Facebook, or GitHub.

click on create OAuth App

OAuth (Open Authorization) is an open standard protocol that enables secure authorization in a simple and standardized way from web, mobile, and desktop applications. It allows third-party services to exchange user information without exposing credentials like passwords. Instead, OAuth uses access tokens, which grant limited access to user resources. These tokens are issued by an authorization server upon user consent and can be used by client applications to access APIs securely. OAuth is widely used in modern applications to enable single sign-on (SSO), allowing users to log in using their accounts from platforms like Google, Facebook, or GitHub.

we get the interface like this

OAuth (Open Authorization) is an open standard protocol that enables secure authorization in a simple and standardized way from web, mobile, and desktop applications. It allows third-party services to exchange user information without exposing credentials like passwords. Instead, OAuth uses access tokens, which grant limited access to user resources. These tokens are issued by an authorization server upon user consent and can be used by client applications to access APIs securely. OAuth is widely used in modern applications to enable single sign-on (SSO), allowing users to log in using their accounts from platforms like Google, Facebook, or GitHub.

set ** Authorization callback URL ** according to your application port

http://localhost:8000/login/oauth2/code/github
Enter fullscreen mode Exit fullscreen mode

OAuth (Open Authorization) is an open standard protocol that enables secure authorization in a simple and standardized way from web, mobile, and desktop applications. It allows third-party services to exchange user information without exposing credentials like passwords. Instead, OAuth uses access tokens, which grant limited access to user resources. These tokens are issued by an authorization server upon user consent and can be used by client applications to access APIs securely. OAuth is widely used in modern applications to enable single sign-on (SSO), allowing users to log in using their accounts from platforms like Google, Facebook, or GitHub.

and set Homepage URL

http://localhost:8000
Enter fullscreen mode Exit fullscreen mode

after registering the Application we get the Client ID and Client Secret

OAuth (Open Authorization) is an open standard protocol that enables secure authorization in a simple and standardized way from web, mobile, and desktop applications. It allows third-party services to exchange user information without exposing credentials like passwords. Instead, OAuth uses access tokens, which grant limited access to user resources. These tokens are issued by an authorization server upon user consent and can be used by client applications to access APIs securely. OAuth is widely used in modern applications to enable single sign-on (SSO), allowing users to log in using their accounts from platforms like Google, Facebook, or GitHub.

now replace with the Application.properties file properties

spring.security.oauth2.client.registration.github.client-id=Ov23liBMLc5e1ItoONPx
spring.security.oauth2.client.registration.github.client-secret=
Enter fullscreen mode Exit fullscreen mode

Image description

Test the GitHub Login

Login with GitHub: When prompted, log in with your GitHub credentials.
Success Redirect: Upon successful authentication, you'll be redirected to the /home page of your application.

Image description

You can explore the complete source code for the User Authentication Service on my GitHub repository. This project showcases various features such as user registration, login, and secure access using JWT for authentication. Feel free to check it out, contribute, or use it as a reference for your own projects!

GitHub Repository: https://github.com/ishrivasayush/oauth2-authentication-service

Conclusion

Implementing OAuth 2.0 with Spring Boot, using Google and GitHub as authentication providers, is a powerful way to enhance the security and usability of your application. By allowing users to log in with their existing accounts, you reduce friction and provide a smoother user experience. At the same time, securing your API endpoints with JWT ensures that only authenticated users have access to sensitive resources.

Through this guide, we’ve covered everything from setting up OAuth credentials on Google and GitHub to configuring your Spring Boot application to handle authentication and protect your endpoints. Whether you’re new to OAuth 2.0 or looking to integrate it into your projects, these steps will help you build a secure and scalable authentication system.

Security is a never-ending journey, but with the right tools and practices, you can build applications that are both safe and user-friendly. Now that you have a solid foundation, you can explore further by adding more providers, customizing the user experience, or diving deeper into JWT configurations. Happy coding!

Top comments (0)

Read next

vishalendu profile image

Using Java EpsilonGC to look at memory allocation.

Vishalendu Pandey -

pedroajs profile image

O que é uma Anticorruption Layer?

Pedro Augusto -

agitrubard profile image

🚀 I Improve Your IDEs: The Most Useful Plugins

Agit Rubar Demir -

tmohchelios profile image

Le Java Memory Model : Comprendre la concurrence en profondeur

Mohamad BEYLA Touré -