mindol1004/excel-download
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

google oauth login with oauth2-client

Browse Source
This commit is contained in:
kim
2020-12-09 22:48:08 +09:00
parent c786d8bb08
commit e77ae79d04
6 changed files with 57 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
spring-security/pom.xml
View File

@@ -35,6 +35,10 @@
<groupId>org.springframework.boot</groupId> <groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId> <artifactId>spring-boot-starter-web</artifactId>
</dependency> </dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-oauth2-client</artifactId>
</dependency>
<dependency> <dependency>
<groupId>org.springframework.boot</groupId> <groupId>org.springframework.boot</groupId>

17
spring-security/src/main/java/com/spring/security1/config/SecurityConfig.java
View File

@@ -1,5 +1,7 @@
package com.spring.security1.config; package com.spring.security1.config;
import com.spring.security1.config.oauth.PrincipalOauth2UserService;
import lombok.RequiredArgsConstructor;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
@@ -9,10 +11,13 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
@Configuration @Configuration
@RequiredArgsConstructor
@EnableWebSecurity // 스프링 시큐리티 필터(SecurityConfig)가 스프링 필터 체인에 등록 @EnableWebSecurity // 스프링 시큐리티 필터(SecurityConfig)가 스프링 필터 체인에 등록
@EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = true) // secured 어노테이션 활성화 , preAuthorized 활성화 @EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = true) // secured 어노테이션 활성화 , preAuthorized 활성화
public class SecurityConfig extends WebSecurityConfigurerAdapter { public class SecurityConfig extends WebSecurityConfigurerAdapter {
private final PrincipalOauth2UserService principalOauth2UserService;
@Bean @Bean
public BCryptPasswordEncoder encodePwd() { public BCryptPasswordEncoder encodePwd() {
return new BCryptPasswordEncoder(); return new BCryptPasswordEncoder();
@@ -31,7 +36,17 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
.formLogin() .formLogin()
.loginPage("/loginForm") .loginPage("/loginForm")
.loginProcessingUrl("/login") // /login 주소가 호출이 되면 시큐리티가 대신 로그인을 진행해 준다. .loginProcessingUrl("/login") // /login 주소가 호출이 되면 시큐리티가 대신 로그인을 진행해 준다.
.defaultSuccessUrl("/"); .defaultSuccessUrl("/")
.and()
.oauth2Login()
.loginPage("/loginForm")
// 구글 로그인이 완료 된 뒤 후처리 필요함.
// 1.코드받기(인증), 2. 엑세스토큰(권한), 3 사용자 프로필 정보를 가져온다.
// 4-1. 그 정보를 가지고 회원가입을 자동으로 진행가능
// 4-2. 추가적인 정보가 필요하면 추가적인 로그인 폼 필요
// oauth-client 라이브러리는 엑세스토큰 + 사용자 프로필 정보를 받는다.
.userInfoEndpoint()
.userService(principalOauth2UserService);
} }
} }

21
spring-security/src/main/java/com/spring/security1/config/oauth/PrincipalOauth2UserService.java Normal file
View File

@@ -0,0 +1,21 @@
package com.spring.security1.config.oauth;
import org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService;
import org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest;
import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
import org.springframework.security.oauth2.core.user.OAuth2User;
import org.springframework.stereotype.Service;
@Service
public class PrincipalOauth2UserService extends DefaultOAuth2UserService {
// 구글로부터 받은 userRequest 데이터에 대한 후처리 되는 함수
@Override
public OAuth2User loadUser(OAuth2UserRequest userRequest) throws OAuth2AuthenticationException {
System.out.println("userRequest: "+ userRequest.getClientRegistration());
System.out.println("userRequest: "+ userRequest.getAccessToken().getTokenValue());
System.out.println("userRequest: "+ super.loadUser(userRequest).getAttributes());
return super.loadUser(userRequest);
}
}

3
spring-security/src/main/java/com/spring/security1/model/User.java
View File

@@ -25,6 +25,9 @@ public class User {
private String email; private String email;
private String role; // ROLE_USER, ROLE_ADMIN private String role; // ROLE_USER, ROLE_ADMIN
private String provider;
private String providerId;
@CreationTimestamp @CreationTimestamp
private Timestamp createDate; private Timestamp createDate;
} }

13
spring-security/src/main/resources/application.yml
View File

@@ -19,4 +19,15 @@ spring:
ddl-auto: update #create update none ddl-auto: update #create update none
naming: naming:
physical-strategy: org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl physical-strategy: org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl
show-sql: true show-sql: true
security:
oauth2:
client:
registration:
google:
client-id: 979804919076-je9jdjt8p4nufvv0vglp9c31prvrm002.apps.googleusercontent.com
client-secret: lN0pS5NRVS8BVYdvTbWW5VZI
scope:
- email
- profile

1
spring-security/src/main/resources/templates/loginForm.html
View File

@@ -12,6 +12,7 @@
<input type="password" name="password" placeholder="Password"/> <br/> <input type="password" name="password" placeholder="Password"/> <br/>
<button>로그인</button> <button>로그인</button>
</form> </form>
<a href="/oauth2/authorization/google">구글 로그인</a>
<a href="/joinForm">회원가입을 아직 하지 않으셨나요?</a> <a href="/joinForm">회원가입을 아직 하지 않으셨나요?</a>
</body> </body>
</html> </html>