{"id":27273548,"url":"https://github.com/villysiu/springsecurityoauth2demo","last_synced_at":"2026-05-08T01:43:57.380Z","repository":{"id":285653378,"uuid":"958887551","full_name":"villysiu/SpringSecurityOauth2Demo","owner":"villysiu","description":"Authentication by Github OAuth 2.0","archived":false,"fork":false,"pushed_at":"2025-04-10T18:37:46.000Z","size":478,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-10T19:57:05.010Z","etag":null,"topics":["github","jwt","oauth2","rest-api","spring-security","springboot"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/villysiu.png","metadata":{"files":{"readme":"Readme.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-04-01T23:36:27.000Z","updated_at":"2025-04-10T18:37:50.000Z","dependencies_parsed_at":"2025-04-02T00:37:53.048Z","dependency_job_id":null,"html_url":"https://github.com/villysiu/SpringSecurityOauth2Demo","commit_stats":null,"previous_names":["villysiu/springsecurityoauth2demo"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/villysiu%2FSpringSecurityOauth2Demo","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/villysiu%2FSpringSecurityOauth2Demo/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/villysiu%2FSpringSecurityOauth2Demo/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/villysiu%2FSpringSecurityOauth2
Demo/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/villysiu","download_url":"https://codeload.github.com/villysiu/SpringSecurityOauth2Demo/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248427731,"owners_count":21101771,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["github","jwt","oauth2","rest-api","spring-security","springboot"],"created_at":"2025-04-11T14:58:13.472Z","updated_at":"2026-05-08T01:43:57.354Z","avatar_url":"https://github.com/villysiu.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"In this tutorial, we create a minimal REST API that uses GitHub for authentication and a JWT token.\n\n## Summary ##\nThis application allows users to \n- sign up with email and password\n- log in with valid credentials\n- log in through GitHub authentication by OAuth 2.0\n\nUpon successful login, whether authenticated by email/password or GitHub, \n- the authenticated user will be persisted in the SecurityContextHolder in Spring Security.\n- a JWT token will be generated and stored in a cookie, which is automatically sent with every request within the same domain.\n- The browser automatically includes this cookie in subsequent requests to the server (if it's within the same domain).\n\n[![Authentication by Github in Springboot ](https://markdown-videos-api.jorgenkh.no/url?url=https%3A%2F%2Fyoutu.be%2FLYDzl2VVj48)](https://youtu.be/LYDzl2VVj48)\n\nSince neither Postman nor Insomnia supports redirection within the OAuth2 login, \nwe will be using 
the browser to demonstrate the authentication process with GitHub. \n\nThe configuration of my system:\n* IntelliJ IDEA\n* Spring Boot 3.4.2\n* Java 17\n* JDK 23\n\nMaven dependencies for the project:\n\n* Spring Boot DevTools\n* Spring Web\n* Spring Client\n* Spring Resource Server\n* Lombok\n* JDBC API\n* Spring Data JPA\n* MySQL\n* JSON Web Token\n\n# About the project\n\nThis project is developed on top of [SpringSecurityRestAPIJWTDemo](https://github.com/villysiu/SpringSecurityRestAPIJWTDemo.git).\nThe following additions make the project ready to authenticate with GitHub.\n\nIn `pom.xml`, we added new dependencies for OAuth 2.0:\n```\n\u003cdependency\u003e\n    \u003cgroupId\u003eorg.springframework.security\u003c/groupId\u003e\n    \u003cartifactId\u003espring-security-oauth2-resource-server\u003c/artifactId\u003e\n\u003c/dependency\u003e\n\n\u003cdependency\u003e\n    \u003cgroupId\u003eorg.springframework.security\u003c/groupId\u003e\n    \u003cartifactId\u003espring-security-oauth2-jose\u003c/artifactId\u003e\n    \u003cversion\u003e6.4.4\u003c/version\u003e\n\u003c/dependency\u003e\n\u003cdependency\u003e\n    \u003cgroupId\u003eorg.springframework.boot\u003c/groupId\u003e\n    \u003cartifactId\u003espring-boot-starter-oauth2-client\u003c/artifactId\u003e\n\u003c/dependency\u003e\n```\n\nIn `SecureConfig`, we added:\n```\n.oauth2Login(config -\u003e config\n    .authorizedClientService(this.customAuthorizedClientService)\n    .defaultSuccessUrl(\"/secure/github_login_success\", true)\n)\n\n.oauth2ResourceServer(oauth2 -\u003e oauth2.jwt(withDefaults()))\n```\n\n### GitHub Authentication\n\nTo authenticate with GitHub, we visit the link `http://localhost:8080/oauth2/authorization/github` in the browser,\nor trigger it from the frontend through a button. 
We will be redirected to a default GitHub page to enter our GitHub credentials.\nOnce we are authenticated, Spring Security and OAuth 2.0 will do the following behind the scenes:\n* obtain a code from GitHub\n* exchange the code for an access token from GitHub\n* request user information with the access token\n* save the user information in the SecurityContextHolder with authentication info.\n  We can access this OAuth2User through Authentication.\n\n\n### CustomAuthorizedClientService\n\nWe customized `OAuth2AuthorizedClientService` so we can save the authenticated OAuth2User into our `Account` database if it does not already exist.\nThen we generate a JWT token with the email from the OAuth2User object.\n\n### /secure/github_login_success\nWhen we are redirected to `/secure/github_login_success`, we will hit the JwtAuthenticationFilter first, which will validate the JWT token in the cookie and persist the UserDetails object in the SecurityContextHolder,\nwhich can be accessed from Authentication.\n\n\n\n## Cloning the project\nClone the project from https://github.com/villysiu/SpringSecurityOauth2Demo.git, and open it in IntelliJ.\n\n**DO NOT RUN IT YET** as we still need to configure the database and the GitHub app.\n\n## Create Database\n\nManually create the database `springbootRestApiJWT` in [MySQL Workbench](https://www.mysql.com/products/workbench/).\nIt should have the same name as specified in `/resources/application.properties`:\n```\nspring.datasource.url = jdbc:mysql://localhost:3306/springbootRestApiJWT?useSSL=false\u0026serverTimezone=UTC\nspring.datasource.username = \u003c-- MySQL username  --\u003e\nspring.datasource.password = \u003c-- MySQL password  --\u003e\n\n```\n\n## Configure GitHub App ##\nNext, you need to configure your app to use GitHub as the authentication provider.\n\n1. To add a new GitHub app, visit https://github.com/settings/developers. 
After logging in, click the `New OAuth App` button to create a new app.\n\n    \u003cimg src=\"https://github.com/villysiu/SpringSecurityOauth2Demo/blob/main/src/main/resources/static/images/Screen%20Shot%202025-04-01%20at%205.49.44%20PM.png?raw=true\" width=\"50%\"  alt=\"\"/\u003e\n\n* Application name: `Oauth2test`\n* Homepage URL: `http://localhost:8080` \n* Authorization callback URL: `http://localhost:8080/login/oauth2/code/github`\n\n  **It is important not to change these fields.**\n\n2. Copy the Client ID into the environment variables.\n\n3. Generate a new client secret and copy it into the environment variables as well. Note that the client secret will disappear once you leave the page. Save it immediately after you have generated it.\n```\nCLIENT_ID: [client ID  ]\nGITHUB_SECRET: [secret]\n\n```\n\u003cimg src=\"https://miro.medium.com/v2/resize:fit:4800/format:webp/1*zxdHRp-OaBTiq3XsDFFpGw.png\" width=\"50%\" \u003e\n\n## Running the project\nNow we are ready to run the application. \n\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvillysiu%2Fspringsecurityoauth2demo","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fvillysiu%2Fspringsecurityoauth2demo","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvillysiu%2Fspringsecurityoauth2demo/lists"}