This video here saved me! I understand OAuth2 and OpenId Connect but to have it in the Spring Boot way is a lot harder to figure out. Thank you so much for ythese videos!
@TheDevWorldbySergioLema9 ай бұрын
I'm so glad it helped you. I've also struggled a lot with this configuration 😅
@bioniccommando20098 ай бұрын
Thankyou bro very much. I have seen many videos about oauth2. It is the best
@TheDevWorldbySergioLema8 ай бұрын
Thank you Alisher!
@yaserarshad692010 ай бұрын
Hi Sergio, This is the ONLY complete example I could find to make a standalone frontend work with spring boot security. Thanks a lot for that. One question - what would be the easiest way to disable security in the development environment so we can develop the back-end without logging in?
@TheDevWorldbySergioLema10 ай бұрын
Thank you so much! The best option is to have Maven profiles and have two Spring Security configurations that load depending on the Maven profile
@홍시-y4j5 ай бұрын
Exactly what I was looking for! Thank you!
@TheDevWorldbySergioLema5 ай бұрын
So glad it helped you!
@wanggewg3 ай бұрын
Could you please make video to demo BFF pattern ( Backend for FrontEnd). BFF is thought more secure than PKCE flow. Reply
@TheDevWorldbySergioLema3 ай бұрын
Let me read more about this pattern. I've never worked on it
@HamedNaderi-q6k8 ай бұрын
This is a great tutorial. Thank you ✌👌
@TheDevWorldbySergioLema8 ай бұрын
Thanks for watching Hamed!
@عبدالصمد-ح4ت10 ай бұрын
Thanks a lot keep going
@TheDevWorldbySergioLema10 ай бұрын
Thank you!!
@muadgra35458 ай бұрын
great content, do you have any video plans about adding a docker deployment for both the frontend and backend?
@TheDevWorldbySergioLema8 ай бұрын
I have a playlist dedicated to deploy the backend to AWS, using the artifact or a docker image. For the frontend, i deploy it directly to S3, bit.ly/402muTc
@Kpiki.abalo124 ай бұрын
Hi Sergio, thank you very much. I have a question please: what role does the userDto play in the autherization process since you registered no user ? In fact in my case I want to authenticate with Google my previously registered users Who have name, email, sellerType, address properties in a springboot registration standalone microservice. How can I handle this ? Thank you very much in advance.
@TheDevWorldbySergioLema4 ай бұрын
This DTO is the user's information that come from Google. You can read some information like the name, email or phone number if the user accepts to share it.
@Kpiki.abalo124 ай бұрын
@@TheDevWorldbySergioLema ok, so it means that the authentication process with Google has nothing to do with the way my users are registered in my backend registration service. If so, then how does Google Knows that the user with given email is authorized to access my app ?
@TheDevWorldbySergioLema4 ай бұрын
The way I show in this video, I allow all the users of the world with a Google account to log in the application. If you want to restrict the access, there are several ways: * in the Google client application, configure the emails/users which have access * in your application, have a table which lists all the users which have access to your application. Add another filter in Spring Security which checks if the user authenticated with Google is also present in your table.
@Kpiki.abalo123 ай бұрын
Ok, il makes sens to me now. Thank you !
@sanketkalokhe35486 ай бұрын
Can you create an in depth tutorial about oauth2 and how to customize it along with react?
@TheDevWorldbySergioLema6 ай бұрын
Something like this one: kzbin.info/www/bejne/npfIgKSsfd17hZo ?
@huynguyentien413520 күн бұрын
how i can do if my app has two options login with user/password has registered in my db and google login ?
@TheDevWorldbySergioLema18 күн бұрын
You need to create two Spring Security Configuration beans, one for each and given them a priority.
@yaserarshad69209 ай бұрын
Hi Sergio, I am implementing your code in my application. The access token we get from google expires in 1 hour. Do you know how we can get refresh token and use it for subsequent requests? Thanks in advance
@TheDevWorldbySergioLema9 ай бұрын
I didn't use it, but you have a Refresh Token method in the Google API, cloud.google.com/java/docs/reference/google-api-client/latest/com.google.api.client.googleapis.auth.oauth2.GoogleRefreshTokenRequest. Let me know if it works for you!
@yaserarshad69209 ай бұрын
Thank you@@TheDevWorldbySergioLema
@kihel-b4e3 ай бұрын
Great Job
@TheDevWorldbySergioLema3 ай бұрын
Thanks!
@justDimoon22 күн бұрын
Thanks for the video, maybe I am a little bit do not understand but can someone explain me why spring-boot-starter-oauth2-client has been changed to spring-boot-starter-oauth2-resouce-server? What the diff between of them? I will be happy to see the answer, thanks))
@TheDevWorldbySergioLema22 күн бұрын
The Client is the one which requests protected resources. The Resource Server is the one which has the protected resources. I don't understand what you mean by "why it has been changed by".
@justDimoon22 күн бұрын
@@TheDevWorldbySergioLema thanks for the answer) I'm sorry, I only recently started to familiarize myself with this topic, so maybe I'm asking stupid questions, but I thought that it's better to ask them than not to ask them. I was wondering why you replaced the spring-boot-starter-oauth2-client dependency with spring-boot-starter-oauth2-resouce-server. Wasn't possible to leave spring-boot-starter-oauth2-client that was in the first part of the video?
@TheDevWorldbySergioLema22 күн бұрын
Feel free to ask. First, I've used the client library because I had an integrated frontend with thymleaf. But in the second part, I've used Angular as a separate frontend. This time, I can't use the client library because Google has some extra concerns about the security. Instead, I use the resource server library, and the authentication (the part done by the client library) is done manually in the AuthenticationController.
@justDimoon22 күн бұрын
@@TheDevWorldbySergioLema thank you very much))
@MrThomas03046 ай бұрын
Excellent video - thanks so much. How can I get the UserInfo to the client, e.g. if I want to display users name.
@TheDevWorldbySergioLema6 ай бұрын
You can create a dedicated endpoint to return the user's information
@MohamedamineSaassougui4 ай бұрын
Does this also work when using Facebook for registration instead of Google?
@TheDevWorldbySergioLema4 ай бұрын
Yes, it's the same workflow.
@anikalee34716 ай бұрын
hi! is the introspection-uri in your source code a placeholder? what should the actual uri be? Also, how does this integrate with the JWT tutorial that you've done separately? I'm trying to implement both in the same fullstack app but can't seem to interlink the 2! Thank you so much!!
@TheDevWorldbySergioLema6 ай бұрын
The introspection uri is the real Google API URI, the one you must call to use the authentication requests. What do you want to integrate from the other videos? As this one is already a complete authentication system, where you don't need to handle the password.
@chawebinourelhouda8073 ай бұрын
great tutorial ! but what if i want to add the option : login with registered infos how i can i integrate it
@TheDevWorldbySergioLema3 ай бұрын
I'm not sure to understand your alternative. Having the option to login with email/password OR with Google Login?
@adrian333dev10 ай бұрын
Awesome Content 👍
@TheDevWorldbySergioLema10 ай бұрын
Thank you Adrian!
@efoamegnito35465 ай бұрын
Thanks for the video I would like to implement it in a personal project I have this error please help me NG04002: Cannot match any routes. URL Segment: '%5Bobject%20Object%5D'
@TheDevWorldbySergioLema5 ай бұрын
As described in the following question: stackoverflow.com/questions/72328214/angular-router-outlet-error-cannot-match-any-routes-url-segment it seems that you must respect the OAuth2 URL path. You can't use your custom URL segments
@efoamegnito35465 ай бұрын
the error occurs after pressing the url that I retrieved from the back-end at the frontend component chapter 40:59
@efoamegnito35465 ай бұрын
@@TheDevWorldbySergioLema the error is in the redirection to google login form
@TheDevWorldbySergioLema5 ай бұрын
Is the redirect URL configured in Google the same as the one used in your application? Do you use the standard URLs or OAuth2?
@efoamegnito35465 ай бұрын
@@TheDevWorldbySergioLema yes is Oauth2
@iamdavidtega10 ай бұрын
Hi sergio, can you create a tutorial on how to implement an auth filter for your application, how you validate the access token, and lastly how to combine local login and oauth login even with auth filter implementation, thanks
@TheDevWorldbySergioLema10 ай бұрын
Wow! That's a complicated use case. Let me investigate a little bit. Maybe in several videos
@sanketkalokhe35486 ай бұрын
how did you learn this much brother. Can you tell me which course you referred?
@TheDevWorldbySergioLema6 ай бұрын
Practicing, practicing, practicing! There is no course better than create small projects by yourself.
@snakefoxxofekans4 ай бұрын
Thanks alot !
@TheDevWorldbySergioLema4 ай бұрын
Thanks to you for watching.
@sadiulhakim78148 ай бұрын
Nice Video
@TheDevWorldbySergioLema8 ай бұрын
Thanks Sadiul!
@creativegiant1706 ай бұрын
How would I authorize users tho? I mean how do I register (allow) some other email?
@TheDevWorldbySergioLema6 ай бұрын
With this solution, any user who has a Google account is authorized to access your application.
@gustavosoarification8 ай бұрын
How can I do this with OAuth2(Google) and JWT? (Sorry, my reply isn't showing in the comment)
@TheDevWorldbySergioLema8 ай бұрын
You mean Google returns a JWT with some information (not just a plain token)?
@gustavosoarification8 ай бұрын
@@TheDevWorldbySergioLema Yes! With some information
@TheDevWorldbySergioLema8 ай бұрын
I don't know Gustavo. Check this OpenID workflow: developers.google.com/identity/openid-connect/openid-connect I think you can find something useful. Let me know if you figured it out.
@gustavosoarification8 ай бұрын
@@TheDevWorldbySergioLema ok, thank youu
@mdasadalihaidar192010 ай бұрын
hey brother can you make a complete tutorial on spring boot microservices with security that will work with angular as frontend
@TheDevWorldbySergioLema9 ай бұрын
I've been adding the frontend part (with Angular and React) to my old Spring Boot videos. Now it's time to move to the microservices videos 😉
@vladxd95876 ай бұрын
Hi, can u tell me how to implement logout using your method?
@TheDevWorldbySergioLema6 ай бұрын
The logout is a little bit more complicated. As it consists in a restful application, there is no way to know if the token was deleted from everywhere or not. Nevertheless, there are some options that I've described in this article: sergiolema.dev/2023/04/03/3-ways-to-invalidate-a-jwt-token-in-the-backend-side/
@vladxd95875 ай бұрын
@@TheDevWorldbySergioLema thanks
@nadetdevfullstack704110 ай бұрын
Excellent
@TheDevWorldbySergioLema10 ай бұрын
Thank you!
@m3hdim3hdi8 ай бұрын
can we use this without webflux? if yes how?
@TheDevWorldbySergioLema8 ай бұрын
Yes you can use it without Webflux. But you have to use another library to request the Google API (like Retrofit or OkHttp).
@ultimatestrix45264 ай бұрын
angular httpclientmodule deprecated 😭😭😢😢😢😢
@TheDevWorldbySergioLema4 ай бұрын
Oh yes? Those things get deprecated very quickly
@pozzleng63288 ай бұрын
brother how to set token expired time ?
@TheDevWorldbySergioLema8 ай бұрын
I don't think you can control the expiration time. It's managed by Google. I saw in the documentation that the default expiration time is 1 hour. If you find more information, let me know.
@gustavosoarification8 ай бұрын
How can I do this with JWT?
@TheDevWorldbySergioLema8 ай бұрын
Only with a JWT? Without an OAuth2 workflow? I've made video some time ago which allows an Angular application to login into a Spring Boot backend with a JWT: kzbin.info/www/bejne/j4bUmmR_n7GLbqs
@gustavosoarification8 ай бұрын
@@TheDevWorldbySergioLema noo, OAuth2 (Google) and JWT
@gustavosoarification8 ай бұрын
@@TheDevWorldbySergioLema Noo, OAuth2 (Google) and JWT
@zenhsuld10 ай бұрын
Thanks a lot. facebook login?
@TheDevWorldbySergioLema10 ай бұрын
The next one 😅
@darshilshah1767Ай бұрын
Would have been better if you would have explained stuff in more detail. Feels like I am wasting my time just looking at you code. I have to google most of the things to understand
@TheDevWorldbySergioLemaАй бұрын
I'm sorry for that. But I don't understand why some of the custom configuration are needed, so it's harder to explain. Google has some special adaptations of the OAuth2 workflow
@MG-wx8yx4 ай бұрын
How much do you sleep per 24h? Your eyes are so white, mine are so red! Also, can you do the same tutorial but with Graphql instead of REST? Thanks for the very informative tutorial.
@TheDevWorldbySergioLema4 ай бұрын
😅 At least 6 hours. Graphql is a topic I have in my todo list, but I never found the time to investigate it
@parthv64155 ай бұрын
@TheDevWorldbySergioLema introspection-uri : what i have to add
@TheDevWorldbySergioLema5 ай бұрын
It's the Google API URL, the same I've used in the video, www.googleapis.com/
@parthv64155 ай бұрын
@@TheDevWorldbySergioLema how can i make frontend with only core javascript without any framework or library that's my university's requirements ... guide me brooo
@TheDevWorldbySergioLema5 ай бұрын
I don't use any particular dependency in the frontend. I just use the Angular structure. With plain javascript, you can have a single HTML page with a piece of code in Javascript where you call the backend as I do in the video. The point will be to display different parts of the HTML page depending on the status of the connection (authenticated or not).