Video: How to implement OAuth2 in Spring Boot - How can I do that in Vaadin

Hi!

I have a simple video on how to create OAuth2 in Spring Boot.
https://www.youtube.com/watch?v=kW9u2jNjEDw

The code is:

@SpringBootApplication
@RestController
@EnableOAuth2Sso
public class SpringOauth2SecurityExampleApplication {

    @GetMapping("/")
    public String welcome(Principal principal) {
        Map<String, Object> details = (Map<String, Object>)
                ((OAuth2Authentication) principal).getUserAuthentication().getDetails();
        String userName = (String) details.get("name");
        return "Hi " + userName + " Welcome to my application !!";
    }

    public static void main(String[] args) {
        SpringApplication.run(SpringOauth2SecurityExampleApplication.class, args);
    }

}

Very simple! When the user accesses www.localhost:8080, he is navigated to the Facebook login page. When he logs in, Facebook navigates him back, and then there is a message about the user and a salute.

Good! Now I want to try that in Vaadin.
I start by creating my controller class.

@RestController
@Component
public class UserController {
	
	private String name;
	
	@GetMapping("/login")
    public void welcome(Principal principal) {
        Map<String, Object> details = (Map<String, Object>) ((OAuth2Authentication) principal).getUserAuthentication().getDetails();
        name = (String) details.get("name");
        System.out.println(name);
    }

	public String getName() {
		return name;
	}
	
}

And then I create my Spring Security configuration

@EnableOAuth2Sso
@Configuration
public class OAuth2Configuration extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .csrf().disable()
            .antMatcher("/**")
            .authorizeRequests()
            .antMatchers("/", "/login**", "/webjars/**")
            .permitAll()
            .anyRequest()
            .authenticated()
            .and()
            .logout()
            .logoutSuccessUrl("/")
            .permitAll();
    }

}

And now a login button page

@Route
public class MainView extends VerticalLayout {

	/**
	 * 
	 */
	private static final long serialVersionUID = 1L;

	public MainView() {
		Button login = new Button("login");
		login.addClickListener(e->{
			UI.getCurrent().navigate(LoginView.class);
		});
		add(login);
	}

}

And last, a salute message page

@Route("login")
public class LoginView extends VerticalLayout{

	private static final long serialVersionUID = 1L;
	
	@Autowired
	private UserController userController;
	
	@PostConstruct
	public void init() {
		
		String name = userController.getName();
		Label loggedIn = new Label("You are logged in as: " + name);
		add(loggedIn);
	}
	
	public LoginView() {

	}
	
}

The problem is that this:

Map<String, Object> details = (Map<String, Object>) ((OAuth2Authentication) principal).getUserAuthentication().getDetails();

Becomes null. Why?

This is a solution for the latest Spring Security with Facebook OAuth2.0.

Security:

@Configuration
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
    @Override
    public void configure(HttpSecurity http) throws Exception {

        http
        .csrf().disable()
        .authorizeRequests()
        .antMatchers("/Intranet/Bokning").authenticated() // Require login for this path
        .antMatchers("/**", "/Intranet**").permitAll() // Allow everyone; "/**" also covers every remaining path
        .anyRequest().authenticated()
        .and().logout().logoutSuccessUrl("/").permitAll()
        .and()
        .oauth2Login();
    }
}

And application.yml

spring:
  security:
    oauth2:
      client:
        registration:
          facebook:
            clientId: myID
            clientSecret: mySecret
            accessTokenUri: https://graph.facebook.com/oauth/access_token
            userAuthorizationUri: https://www.facebook.com/dialog/oauth
            tokenName: oauth_token
            authenticationScheme: query
            clientAuthenticationScheme: form
            resource:
              userInfoUri: https://graph.facebook.com/me

server:
  port: 8080

And pom.xml file:

<dependency>
  <groupId>org.springframework.boot</groupId>
  <artifactId>spring-boot-starter-security</artifactId>
</dependency>

<dependency>
  <groupId>org.springframework.security</groupId>
  <artifactId>spring-security-oauth2-client</artifactId>
</dependency>
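
With `oauth2Login()` as configured above, the logged-in user can be read per request from Spring Security's context inside the Vaadin view, instead of being cached in a field of a singleton controller, where one user's name would be visible to every other session. The following is an added example, not code from the original post; the class name `BookingView` and the helper `currentUserName()` are hypothetical. It assumes the view is built on a normal HTTP request thread and that the provider's user-info response carries a `name` attribute, as the original `details.get("name")` does.

```java
import com.vaadin.flow.component.html.Span;
import com.vaadin.flow.component.orderedlayout.VerticalLayout;
import com.vaadin.flow.router.Route;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.core.user.OAuth2User;

// Hypothetical view mapped to the path that the security configuration
// above marks as authenticated().
@Route("Intranet/Bokning")
public class BookingView extends VerticalLayout {

    private static final long serialVersionUID = 1L;

    public BookingView() {
        // Resolved for the current request's security context, so every
        // session sees only its own user.
        add(new Span("You are logged in as: " + currentUserName()));
    }

    // Hypothetical helper: returns the "name" attribute of the OAuth2 user,
    // or a fallback when the request is not authenticated via OAuth2.
    static String currentUserName() {
        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        if (auth == null || !(auth.getPrincipal() instanceof OAuth2User)) {
            // Anonymous request or a non-OAuth2 login: nothing to cast.
            return "anonymous";
        }
        OAuth2User user = (OAuth2User) auth.getPrincipal();
        Object name = user.getAttributes().get("name");
        // Fall back to the principal name (the provider's user id) when the
        // user-info response did not include "name".
        return name != null ? name.toString() : user.getName();
    }
}
```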