T
T
taluks2019-03-29 21:05:50
Java
taluks, 2019-03-29 21:05:50

Spring oauth2 how to authorize through third party service?

Configured a web application on the 4th spring, without boot, for authorization via facebook:

build.gradle
compile group: 'org.springframework', name: 'spring-core', 	  version: '4.3.22.RELEASE'
    compile group: 'org.springframework', name: 'spring-context', version: '4.3.22.RELEASE'
    compile group: 'org.springframework', name: 'spring-jdbc', 	  version: '4.3.22.RELEASE'
    compile group: 'org.springframework', name: 'spring-webmvc',  version: '4.3.22.RELEASE'
    
    compile group: 'org.springframework.security', name: 'spring-security-web', version: '4.2.11.RELEASE'
    compile group: 'org.springframework.security', name: 'spring-security-config', version: '4.2.11.RELEASE'
    compile group: 'org.springframework.security.oauth', name: 'spring-security-oauth2', version: '2.3.5.RELEASE'
...

WebSecurityConfig.java
@Configuration
@EnableWebSecurity
@EnableOAuth2Client
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

  @Override
  protected void configure(HttpSecurity http) throws Exception {
    //http.csrf().disable();
    
    http.authorizeRequests().mvcMatchers("/**",
        "/css/*.css", 
        "/js/*.js", 
        "/images/*.png").permitAll()
    .anyRequest().authenticated();
    
  }

  @Bean
  public OAuth2RestTemplate oauth2RestTemplate(OAuth2ClientContext oauth2ClientContext,
      OAuth2ProtectedResourceDetails details) {
    return new OAuth2RestTemplate(details, oauth2ClientContext);
  }

  @Bean
  public OAuth2ProtectedResourceDetails facebook() {
    AuthorizationCodeResourceDetails details = new AuthorizationCodeResourceDetails();
    details.setId("facebook");
    details.setClientId("appId"); // убрал для вопроса
    details.setClientSecret("secret");// убрал для вопроса
    details.setAccessTokenUri("https://graph.facebook.com/oauth/access_token");
    details.setUserAuthorizationUri("https://www.facebook.com/dialog/oauth");
    details.setScope(Arrays.asList("public_profile"));
    details.setTokenName("oauth_token");
    details.setAuthenticationScheme(AuthenticationScheme.query);
    details.setClientAuthenticationScheme(AuthenticationScheme.form);
    return details;
  }
}


How to make it so that when you go to the site, instead of "HTTP Status 403 - Access Denied" redirects to Facebook to log in?

Answer the question

In order to leave comments, you need to log in

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question