DEV Community

Spring boot + Spring Security 5 + OAuth2/OIDC Client - Basics

Shyamala on March 24, 2019

For a long time I have wanted to integrate an OpenID Connect provider using Spring Security. The last time I tried, I felt it was very complicated and...
 
Yury

Looking forward to the next article. I had to integrate with a provider that used a slightly non-standard definition of OAuth2 for my personal project, and it was like an extra 400 lines of code just to get a response with user details, because once I started poking around, Spring Boot autoconfiguration stopped working. Having to write my own security configuration like I know what I'm doing definitely was a learning experience.

Shyamala

Thanks for the feedback. Here is the next article, dev.to/shyamala_u/spring-boot--spr....

Samir shrestha

How do I disable displaying the login page in Spring Security 6? I am trying to disable it like this:

    SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        http.csrf(csrf -> csrf.disable());
        return http.authorizeHttpRequests((authorize) -> authorize.anyRequest().permitAll()).build();
    }

but it is not working. Could you please help me out?

gfalco77

Hello,

I followed the instructions but I get a
"An error occurred while attempting to retrieve the OAuth 2.0 Access Token Response: 401 Unauthorized"

Do you know what could be the problem? I created the credentials in my Google account. I don't know if there are additional steps to do there.

Thanks

Shyamala

Hi,

Have you checked if the combination of client-id and client-secret is the right value?

    client-id: <<your-client-id>>
    client-secret: <<your-client-secret>> # @see https://console.developers.google.com/apis/
 
Iuri Pavlov • Edited

Hi there, great post, but I have a question: how do I do the same authorization for Twitter? As you know, Twitter is on OAuth 1.0a and requires some request token. What I tried is this:

      twitter:
        clientId: my_twitter_client_id_goes_here
        clientSecret: my_twiiter_client_secret_goes_here
        redirectUriTemplate: "{baseUrl}/oauth2/callback/{registrationId}"
        authorization-grant-type: authorization_code
        scope:
          - email
          - profile
    provider:
      twitter:
        authorizationUri: api.twitter.com/oauth/authorize
        tokenUri: api.twitter.com/oauth/access_token
        userInfoUri: api.twitter.com/1.1/users/show.json

but I always get the same page from Twitter:
Whoa there!
There is no request token for this page. That's the special key we need from applications asking to use your Twitter account. Please go back to the site or application that sent you here and try again; it was probably just a mistake.

Any help would be appreciated.
P.S. Google and Facebook are working fine because they are on OAuth 2.0.

Shyamala

I will have a look and revert. Thank you for the feedback :)

Rahman14354

Hi Shyamala,
Simply superb article.
How do I do this using Spring XML configuration?

Shyamala

Thank you for the feedback. I have not worked with XML config for a long time; I shall check.