Welcome! Greetings from Vietnam :)

in my course on Udemy: www.udemy.com/course/spring-boot-e-commerce-ultimate

Welcome! Greetings from Vietnam :)

@@CodeJava em cũng Người Việt ạ

Will you please make video on role based logins.

including registration (sign up)?

Glad I could help!

You're welcome! Happy learning!

Glad it was helpful!

Thank you, I will.

I think it's possible though I haven't used it for mobile apps.

Kindly refer to this Stackoverflow's thread: stackoverflow.com/questions/63352692/spring-security-5-with-oauth2-causing-principalname-cannot-be-empty-error

everything is done by Spring OAuth library so we just write some configs then focus on the business logics.

Thanks for your feedback. I understand what you meant. However, the main purpose of video is to show you guys how to integrate social login functionality for an existing Spring Boot application, you it supposes that you already have one.

You can get the full code if enroll in my course here: www.udemy.com/course/spring-boot-e-commerce-ultimate/?couponCode=SPRING08

@@CodeJava can you help me have the customerService class where i can see the logic there

Oh, that's not the purpose of social login, which allows users to login using their own google accounts - unanticipated. If you want to deny access in such case, just redirect the user to the login page with an appropriate message: httpResponse.sendRedirect("/login");

@@CodeJavaThank you so much for your reply. I'll try that out.

it is from Spring Security OAuth2 dependency: spring-boot-starter-oauth2-client

@@CodeJava Thank you.

isn't it spring-boot-starter-security?

I will publish such kind of tutorial in future. Thanks for coming and asking :)

@@CodeJava you're so enthusiastic, hope you do well in this new year!

Yes, I will.

How do you check the role of a user? You need to update your custom OAuth2User class: update roles in the getAuthorities() method.

@@CodeJava Thanks again ! I manage to get in to the page, but then I found that my Authentication was empty. I use SecurityContextHolder.getContext().getAuthentication() to get user information but it returned null, could it be possible that I have to do something to the JWT that Google sent to me ?

Do you return a CustomOAuth2User object from the method loadUser in the CustomOAuth2UserService class?

@@CodeJava Hi, I really appreciate for your response. when I ran the code in debug mode , I see that CustomOAuth2UserService is not invoking, debug is directly going to OAuth2AuthenticationSuccessHandler. Please advice me, I have pasted the code below. Thanks in advance controller: @Controller public class UserController { @RequestMapping("/login") public String home() { return "login"; } @RequestMapping("/welcome") public String welcome(Model model, Principal principal) { model.addAttribute("userDetails", principal); return "welcome"; } security Config: ------------------------- public class SecurityConfig extends WebSecurityConfigurerAdapter { @Autowired private CustomOAuth2UserService oauth2UserService; @Autowired private OAuth2AuthenticationSuccessHandler oauth2AuthenticationSuccessHandler; @Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().antMatchers("/oauth2/**").permitAll().antMatchers("/welcome/**").authenticated() .anyRequest().permitAll().and().formLogin().loginPage("/login").and().oauth2Login().loginPage("/login") .userInfoEndpoint().userService(oauth2UserService).and() .successHandler(oauth2AuthenticationSuccessHandler).and().logout().permitAll().and().rememberMe(); } } Service: ------------ @Service public class CustomOAuth2UserService extends DefaultOAuth2UserService { @Override public OAuth2User loadUser(OAuth2UserRequest oAuth2UserRequest) throws OAuth2AuthenticationException { OAuth2User oAuth2User = super.loadUser(oAuth2UserRequest); return new CustomOAuth2User(oAuth2User); } } OAuth2AuthenticationSuccessHandler -------------------------------------------------- @Component public class OAuth2AuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler { @Override public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException { // TODO Auto-generated method stub CustomOAuth2User oAuth2User=(CustomOAuth2User)authentication.getPrincipal(); String email=oAuth2User.getEmail(); System.out.println("Customer's Email"+ email); super.onAuthenticationSuccess(request, response, authentication); } }

@@rahilbaig3873 your code seems to be fine. Check if you use @EnableWebSecurity for the config class, and is the dependency spring-boot-starter-oauth2-client present?

​@@CodeJava Hello Ty for the tutorial, I have the same problem and have been stuck for hours ... I have @EnableWebSecurity for the config class, and the dependency spring-boot-starter-oauth2-client is present. Any help please ? :(

CustomOAuth2User : codepad.org/mg8M3n2D OAuth2LoginSuccessHandler : codepad.org/hRgg6swS CustomOAuth2UserService : codepad.org/IyyV6sat Configure Class : codepad.org/su23grlu CustomOAuth2User : codepad.org/mg8M3n2D Thank you sir

No worries! Glad it helped.

You're welcome!

@@CodeJava Can you please make a video on how to properly authenticate and authorize requests when I have multiple microservices and we want a single authentication server

@@mjpannu5210 Noted your suggestion. I will do it in future because I'm busy making my new course on Udemy this time.

có thể là IDE của em chưa hỗ trợ Java 17 chăng?

then you have to check provider type in the CustomOAuth2User object (or something else - I don't remember), and update the provider type in database accordingly.

Thank you for replying and this video helped me in understanding oauth2 better and heres how I got that wether the user logged in with fb or gmail OAuth2AuthenticationToken oauthToken = (OAuth2AuthenticationToken) authentication; OAuth2AuthorizedClient client = clientService.loadAuthorizedClient( oauthToken.getAuthorizedClientRegistrationId());

@@shawaalsaif2144 Look at the OAuth2UserRequest class as the parameter of the loadUser() method in a class that implements DefaultOAuth2UserService

khi đó thì em nên kiểm tra authentication type của user là database thì mới tiến hành đổi mật khẩu.

Welcome 😊

you're welcome. I always remember your request about Spring AOP.

a ơi ngoài ide a đang dùng thì a có dùng intellij idea ko ạ

Anh có dùng IJ. em có dùng database ko? Kiểm tra javascript error xem.

So you can follow the video "Spring Boot Email verification" here: kzbin.info/www/bejne/bZ65hZmkhK59hZo

just customize the login page, display Login with Google button only.

I'll put the code into a separate article, which will be published in near future.

source code will be published in a companion article.

could you share the full, detailed exception stack trace?

Coming soon. I will share the code when I publish a text-based article for the same topic. Thanks for watching :)

@@CodeJava a month has passed and there is no article or gita

ko em ạ. Anh chỉ có khóa tiếng Anh thôi.

kindly show me the full error/exception here.

@@CodeJava Full error/exception here: java.lang.ClassCastException: org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser cannot be cast to com.example.oauth2Google.entity.CustomOauth2User. Please seen help me!

@@sangha1722 You use the wrong type for the CustomOAuth2User class. It should implements the OAuth2User class. Check the video again.

@@CodeJava My class CustomOAuth2User: "codepad.org/pPNFzKEr". And Class Oauth2LoginSuccess: "codepad.org/fvK6mAxM" Please seen help me! Thanks.

@@sangha1722 Did u fix this problem??? i have this error too

Yes, I will. Thanks for watching :)

look at the attributes in OAUth2User object: oauth2User.getAttribute("name");

kindly find in the written article at www.codejava.net/frameworks/spring-boot/oauth2-login-with-google-example

anh chỉ có kênh tiếng Anh này thôi em ạ.

did you check this video? kzbin.info/www/bejne/n2OUmWmKnbqcjcU

@@CodeJava thank u

tell me the properties you're using for Spring OAuth configuration.

security: oauth2: client: registration: github: client-id: c23e2fe8ec9fdcaa0d21 client-secret: b81030d3df8c8f51f177427aa627cf21cf007c33 scope: - user:email - read:user

@@masnaswamy4067why github? are you configuring for google for github? for google, the configuration should be like this: security: oauth2: client: registration: google: clientId: clientSecret: scope: - email - profile

@@CodeJava no bro i have configured for GitHub only using github oauth properties .,not google

so you need to follow this video: kzbin.info/www/bejne/qJTMfmmgaNiii9U

khi nào anh có thời gian em ạ.

em gửi lỗi chi tiết (exception) được ko?

@@CodeJava em fix đc rồi anh ạ. thêm cái link uri là đc

Kindly follow the video by now because I will publish the code in an article later.

Make sure it is from org.springframework.security.oauth2.core.user.OAuth2User. Reference: docs.spring.io/spring-security/site/docs/current/api/org/springframework/security/oauth2/core/user/OAuth2User.html

I think you need to study OAuth2 attributes of Google and Facebook to know which attribute used for user photo image.

@@CodeJava ok , i will do it , thanks again!