I am building a website using Spring Boot, Spring MVC and spring -security-oauth2 and I am trying to authenticate my locally stored users with Google, Facebook, GitHub ... OAuth2. I also have a standard user password for them.
My idea is to store a pair [OAuth2_provider_type, OAuth2_subjectId] for each user in the local database from the first successful login, and then use this pair to find the correct user when the user is authenticated again by Google (or FB ...) again, I authenticate Google / Facebook correctly, but I donโt know how to connect local users to Spring OAuth2 Security and get them in SecurityContext.
Can someone point me to some example or integration test where I can see something like this?
Here I found a great Spring Boot and OAuth2 tutorial with tips in the How to Add a Local User Database section. Tried to redirect from Google to an authorized redirect of the http://localhost:10001/userendpoint URI , which is defined as .antMatchers("/user").authenticated()and get access denied
o.s.s.w.a.i.FilterSecurityInterceptor - Secure object: FilterInvocation: URL: /user?state=Wj7RVk&code=4/wa2AFtJr0K3cKTxDAYo8rTOu2p41km5o3YCPnimx4wU; Attributes: [authenticated]
o.s.s.w.a.i.FilterSecurityInterceptor - Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@6fa8940c: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffde5d4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 5888363FA9E329992073DCE4B21E8B5C; Granted Authorities: ROLE_ANONYMOUS
o.s.s.access.vote.AffirmativeBased - Voter: org.springframework.security.web.access.expression.WebExpressionVoter@29802df4, returned: -1
o.s.s.w.a.ExceptionTranslationFilter - Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
Thanks so much for any help!
source
share