@Override protected void configure(HttpSecurity http) throws Exception { http .oauth2Login() .clientRegistrationRepository( new InMemoryClientRegistrationRepository(GOOGLE_CLIENT_REGISTRATION)) .loginPage("/custom-login"); super.configure(http); } }
@Override public void configure(HttpSecurity http) throws Exception { http // Configure session management to your needs. // I need this as a basis for a classic, server side rendered application .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED).and() // Depends on your taste. You can configure single paths here // or allow everything a I did and then use method based security // like in the controller below .authorizeRequests().anyRequest().permitAll().and() // Propagate logouts via /logout to Keycloak .logout().addLogoutHandler(keycloakLogoutHandler).and() // This is the point where OAuth2 login of Spring 5 gets enabled .oauth2Login().userInfoEndpoint().oidcUserService(keycloakOidcUserService).and() // I don't want a page with different clients as login options // So i use the constant from OAuth2AuthorizationRequestRedirectFilter // plus the configured realm as immediate redirect to Keycloak .loginPage(DEFAULT_AUTHORIZATION_REQUEST_BASE_URI + "/" + realm); } };
@Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests() .antMatchers("/oauth_login", "/loginFailure", "/") .permitAll() .anyRequest() .authenticated() .and() .oauth2Login() .loginPage("/oauth_login") .authorizationEndpoint() .baseUri("/oauth2/authorize-client") .authorizationRequestRepository(authorizationRequestRepository()) .and() .tokenEndpoint() .accessTokenResponseClient(accessTokenResponseClient()) .and() .defaultSuccessUrl("/loginSuccess") .failureUrl("/loginFailure"); }
.clientRegistrationRepository(clientRegistrationRepository()) .authorizedClientService(authorizedClientService()) .loginPage(MolgenisLoginController.URI) .failureUrl(MolgenisLoginController.URI) .userInfoEndpoint()