diff --git a/libraries-security/pom.xml b/libraries-security/pom.xml
index 8f8506172f..0b7cddb885 100644
--- a/libraries-security/pom.xml
+++ b/libraries-security/pom.xml
@@ -8,12 +8,30 @@
com.baeldung
- parent-modules
- 1.0.0-SNAPSHOT
+ parent-boot-1
+ 0.0.1-SNAPSHOT
+ ../parent-boot-1
+
+ org.springframework.boot
+ spring-boot-starter-web
+
+
+
+ org.springframework.security.oauth
+ spring-security-oauth2
+ 2.3.3.RELEASE
+
+
+
+ com.github.scribejava
+ scribejava-apis
+ 5.6.0
+
+
junit
junit
diff --git a/libraries-security/src/main/java/com/baeldung/scribejava/ScribejavaApplication.java b/libraries-security/src/main/java/com/baeldung/scribejava/ScribejavaApplication.java
new file mode 100644
index 0000000000..bb86c497b0
--- /dev/null
+++ b/libraries-security/src/main/java/com/baeldung/scribejava/ScribejavaApplication.java
@@ -0,0 +1,15 @@
+package com.baeldung.scribejava;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+
+@SpringBootApplication
+public class ScribejavaApplication {
+
+ public static void main(String[] args) {
+ SpringApplication.run(ScribejavaApplication.class, args);
+ }
+
+
+}
diff --git a/libraries-security/src/main/java/com/baeldung/scribejava/api/MyApi.java b/libraries-security/src/main/java/com/baeldung/scribejava/api/MyApi.java
new file mode 100644
index 0000000000..577e753c07
--- /dev/null
+++ b/libraries-security/src/main/java/com/baeldung/scribejava/api/MyApi.java
@@ -0,0 +1,27 @@
+package com.baeldung.scribejava.api;
+
+import com.github.scribejava.core.builder.api.DefaultApi20;
+
+public class MyApi extends DefaultApi20 {
+
+ public MyApi() {
+ }
+
+ private static class InstanceHolder {
+ private static final MyApi INSTANCE = new MyApi();
+ }
+
+ public static MyApi instance() {
+ return InstanceHolder.INSTANCE;
+ }
+
+ @Override
+ public String getAccessTokenEndpoint() {
+ return "http://localhost:8080/oauth/token";
+ }
+
+ @Override
+ protected String getAuthorizationBaseUrl() {
+ return null;
+ }
+}
diff --git a/libraries-security/src/main/java/com/baeldung/scribejava/controller/GoogleController.java b/libraries-security/src/main/java/com/baeldung/scribejava/controller/GoogleController.java
new file mode 100644
index 0000000000..ffe4f0cc8a
--- /dev/null
+++ b/libraries-security/src/main/java/com/baeldung/scribejava/controller/GoogleController.java
@@ -0,0 +1,49 @@
+package com.baeldung.scribejava.controller;
+
+import com.baeldung.scribejava.service.GoogleService;
+import com.github.scribejava.core.model.OAuth2AccessToken;
+import com.github.scribejava.core.model.OAuthRequest;
+import com.github.scribejava.core.model.Response;
+import com.github.scribejava.core.model.Verb;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+
+import javax.servlet.http.HttpServletResponse;
+
+@RestController
+public class GoogleController {
+
+ @Autowired
+ private GoogleService service;
+
+
+ @GetMapping(value ="/me/google")
+ public void me(HttpServletResponse response){
+ String auth = service.getService().getAuthorizationUrl();
+
+ response.setHeader("Location", auth);
+ response.setStatus(302);
+
+ }
+
+ @GetMapping(value = "/auth/google")
+ public String google(@RequestParam String code, HttpServletResponse servletResponse){
+
+ try {
+ OAuth2AccessToken token = service.getService().getAccessToken(code);
+
+ OAuthRequest request = new OAuthRequest(Verb.GET, "https://www.googleapis.com/oauth2/v1/userinfo?alt=json");
+ service.getService().signRequest(token, request);
+ Response response = service.getService().execute(request);
+ return response.getBody();
+
+ }catch (Exception e){
+ servletResponse.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+ }
+
+ return null;
+ }
+
+}
diff --git a/libraries-security/src/main/java/com/baeldung/scribejava/controller/TwitterController.java b/libraries-security/src/main/java/com/baeldung/scribejava/controller/TwitterController.java
new file mode 100644
index 0000000000..bfcd6d960c
--- /dev/null
+++ b/libraries-security/src/main/java/com/baeldung/scribejava/controller/TwitterController.java
@@ -0,0 +1,57 @@
+package com.baeldung.scribejava.controller;
+
+import com.baeldung.scribejava.service.TwitterService;
+import com.github.scribejava.core.model.*;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.Scanner;
+import java.util.concurrent.ExecutionException;
+
+@RestController
+public class TwitterController {
+
+ @Autowired
+ private TwitterService service;
+
+
+ @GetMapping(value ="/me/twitter")
+ public String me(HttpServletResponse servletResponse){
+ try {
+ OAuth1RequestToken requestToken = service.getService().getRequestToken();
+
+ String auth = service.getService().getAuthorizationUrl(requestToken);
+
+ Runtime runtime = Runtime.getRuntime();
+ try {
+ runtime.exec("rundll32 url.dll,FileProtocolHandler " + auth);
+ } catch (IOException e) {
+ servletResponse.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+ return null;
+ }
+
+ System.out.println("Insert twitter code:");
+ Scanner in = new Scanner(System.in);
+
+ String oauthverifier = in.nextLine();
+
+ final OAuth1AccessToken accessToken = service.getService().getAccessToken(requestToken,oauthverifier);
+
+ OAuthRequest request = new OAuthRequest(Verb.GET, "https://api.twitter.com/1.1/account/verify_credentials.json");
+ service.getService().signRequest(accessToken, request);
+ Response response = service.getService().execute(request);
+ return response.getBody();
+
+ } catch (IOException | InterruptedException | ExecutionException e) {
+ servletResponse.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+ }
+
+ return null;
+ }
+
+
+
+}
diff --git a/libraries-security/src/main/java/com/baeldung/scribejava/controller/UserController.java b/libraries-security/src/main/java/com/baeldung/scribejava/controller/UserController.java
new file mode 100644
index 0000000000..68a11250de
--- /dev/null
+++ b/libraries-security/src/main/java/com/baeldung/scribejava/controller/UserController.java
@@ -0,0 +1,46 @@
+package com.baeldung.scribejava.controller;
+
+import com.baeldung.scribejava.service.MyService;
+import com.github.scribejava.core.model.OAuth2AccessToken;
+import com.github.scribejava.core.model.OAuthRequest;
+import com.github.scribejava.core.model.Response;
+import com.github.scribejava.core.model.Verb;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+
+import javax.servlet.http.HttpServletResponse;
+import java.security.Principal;
+
+@RestController(value = "/user")
+public class UserController {
+
+ @Autowired
+ private MyService service;
+
+ @GetMapping("/me/myapi")
+ public String me(@RequestParam String username, @RequestParam String password, HttpServletResponse responsehttp) {
+
+ try {
+ OAuth2AccessToken token = service.getService().getAccessTokenPasswordGrant(username, password);
+
+ OAuthRequest request = new OAuthRequest(Verb.GET, "http://localhost:8080/me");
+ service.getService().signRequest(token, request);
+ Response response = service.getService().execute(request);
+
+ return response.getBody();
+
+ } catch (Exception e) {
+ responsehttp.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+ }
+
+ return null;
+
+ }
+
+ @GetMapping("/me")
+ public Principal user(Principal principal) {
+ return principal;
+ }
+}
diff --git a/libraries-security/src/main/java/com/baeldung/scribejava/oauth/AuthServiceConfig.java b/libraries-security/src/main/java/com/baeldung/scribejava/oauth/AuthServiceConfig.java
new file mode 100644
index 0000000000..2c7162399b
--- /dev/null
+++ b/libraries-security/src/main/java/com/baeldung/scribejava/oauth/AuthServiceConfig.java
@@ -0,0 +1,45 @@
+package com.baeldung.scribejava.oauth;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
+import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
+import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
+import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
+
+
+@Configuration
+@EnableAuthorizationServer
+public class AuthServiceConfig extends AuthorizationServerConfigurerAdapter {
+
+ @Autowired
+ @Qualifier("authenticationManagerBean")
+ private AuthenticationManager authenticationManager;
+
+ @Override
+ public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
+ oauthServer.tokenKeyAccess("permitAll()")
+ .checkTokenAccess("isAuthenticated()");
+ }
+
+ @Override
+ public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
+ clients.inMemory()
+ .withClient("baeldung_api_key")
+ .secret("baeldung_api_secret")
+ .authorizedGrantTypes("password","refresh_token")
+ .scopes("read","write").autoApprove(true);
+ }
+
+ @Override
+ public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
+ endpoints
+ .authenticationManager(authenticationManager)
+ .allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST);
+ }
+
+}
diff --git a/libraries-security/src/main/java/com/baeldung/scribejava/oauth/WebSecurityConfig.java b/libraries-security/src/main/java/com/baeldung/scribejava/oauth/WebSecurityConfig.java
new file mode 100644
index 0000000000..7aa51400ea
--- /dev/null
+++ b/libraries-security/src/main/java/com/baeldung/scribejava/oauth/WebSecurityConfig.java
@@ -0,0 +1,53 @@
+package com.baeldung.scribejava.oauth;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
+import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
+
+@Configuration
+@EnableResourceServer
+public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ http
+ .headers().frameOptions().disable()
+ .and()
+ .csrf().disable();
+ }
+
+ @Override
+ protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+ auth.inMemoryAuthentication()
+ .withUser("baeldung")
+ .password("scribejava")
+ .roles("USER");
+ }
+
+ @Override
+ @Bean
+ public AuthenticationManager authenticationManagerBean() throws Exception {
+ return super.authenticationManagerBean();
+ }
+
+
+ @EnableResourceServer
+ @Configuration
+ public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
+
+ @Override
+ public void configure(HttpSecurity http) throws Exception {
+ http
+ .authorizeRequests()
+ .antMatchers("/user/me").authenticated()
+ .and()
+ .csrf().disable();
+ }
+ }
+
+}
diff --git a/libraries-security/src/main/java/com/baeldung/scribejava/service/GoogleService.java b/libraries-security/src/main/java/com/baeldung/scribejava/service/GoogleService.java
new file mode 100644
index 0000000000..fbcc39763c
--- /dev/null
+++ b/libraries-security/src/main/java/com/baeldung/scribejava/service/GoogleService.java
@@ -0,0 +1,31 @@
+package com.baeldung.scribejava.service;
+
+import com.github.scribejava.apis.GoogleApi20;
+import com.github.scribejava.core.builder.ServiceBuilder;
+import com.github.scribejava.core.oauth.OAuth20Service;
+import org.springframework.stereotype.Component;
+
+import javax.annotation.PostConstruct;
+@Component
+public class GoogleService {
+
+ private OAuth20Service service;
+ private final String API_KEY = "api_key";
+ private final String API_SECRET = "api_secret";
+ private final String SCOPE = "https://www.googleapis.com/auth/userinfo.email";
+ private final String CALLBACK = "http://localhost:8080/auth/google";
+
+ @PostConstruct
+ private void init(){
+ this.service = new ServiceBuilder(API_KEY)
+ .apiSecret(API_SECRET)
+ .scope(SCOPE)
+ .callback(CALLBACK)
+ .build(GoogleApi20.instance());
+ }
+
+
+ public OAuth20Service getService() {
+ return service;
+ }
+}
diff --git a/libraries-security/src/main/java/com/baeldung/scribejava/service/MyService.java b/libraries-security/src/main/java/com/baeldung/scribejava/service/MyService.java
new file mode 100644
index 0000000000..739c82172c
--- /dev/null
+++ b/libraries-security/src/main/java/com/baeldung/scribejava/service/MyService.java
@@ -0,0 +1,29 @@
+package com.baeldung.scribejava.service;
+
+import com.baeldung.scribejava.api.MyApi;
+import com.github.scribejava.core.builder.ServiceBuilder;
+import com.github.scribejava.core.oauth.OAuth20Service;
+import org.springframework.stereotype.Component;
+
+import javax.annotation.PostConstruct;
+
+@Component
+public class MyService {
+
+ private OAuth20Service service;
+ private final String API_KEY = "baeldung_api_key";
+ private final String API_SECRET = "baeldung_api_secret";
+
+ @PostConstruct
+ private void init(){
+ this.service = new ServiceBuilder(API_KEY)
+ .apiSecret(API_SECRET)
+ .scope("read write")
+ .build(MyApi.instance());
+ }
+
+
+ public OAuth20Service getService() {
+ return service;
+ }
+}
diff --git a/libraries-security/src/main/java/com/baeldung/scribejava/service/TwitterService.java b/libraries-security/src/main/java/com/baeldung/scribejava/service/TwitterService.java
new file mode 100644
index 0000000000..df49f74679
--- /dev/null
+++ b/libraries-security/src/main/java/com/baeldung/scribejava/service/TwitterService.java
@@ -0,0 +1,29 @@
+package com.baeldung.scribejava.service;
+
+import com.github.scribejava.apis.TwitterApi;
+import com.github.scribejava.core.builder.ServiceBuilder;
+import com.github.scribejava.core.oauth.OAuth10aService;
+import org.springframework.stereotype.Component;
+
+import javax.annotation.PostConstruct;
+
+@Component
+public class TwitterService {
+
+ private final String API_KEY = "api_key";
+ private final String API_SECRET = "api_secret";
+ private OAuth10aService service;
+
+ @PostConstruct
+ private void init(){
+ this.service = new ServiceBuilder(API_KEY)
+ .apiSecret(API_SECRET)
+ .build(TwitterApi.instance());
+ }
+
+ public OAuth10aService getService(){
+ return service;
+ }
+
+
+}
diff --git a/libraries-security/src/main/resources/application.properties b/libraries-security/src/main/resources/application.properties
new file mode 100644
index 0000000000..71c6176533
--- /dev/null
+++ b/libraries-security/src/main/resources/application.properties
@@ -0,0 +1 @@
+security.oauth2.resource.filter-order = 3
\ No newline at end of file
diff --git a/libraries-security/src/test/java/com/baeldung/scribejava/ScribejavaApplicationTests.java b/libraries-security/src/test/java/com/baeldung/scribejava/ScribejavaApplicationTests.java
new file mode 100644
index 0000000000..99e2265d10
--- /dev/null
+++ b/libraries-security/src/test/java/com/baeldung/scribejava/ScribejavaApplicationTests.java
@@ -0,0 +1,16 @@
+package com.baeldung.scribejava;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.context.junit4.SpringRunner;
+
+@RunWith(SpringRunner.class)
+@SpringBootTest
+public class ScribejavaApplicationTests {
+
+ @Test
+ public void contextLoads() {
+ }
+
+}