3

I'm trying to configure OAuth2 authentication in an existing Spring MVC app that is currently configured to use simple FORM authentication. I'd like to use Facebook as the authentication provider, but I also need to maintain form authentication and to register user data in the application DB the same way for both authentication methods (obviously for social auth some fields will be absent, for example the password).

I'm using Spring Boot 1.4.1 with these additional dependencies:

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.security.oauth</groupId>
    <artifactId>spring-security-oauth2</artifactId>
</dependency>

But I cannot find a tutorial or some clear documentation explaining how to solve my case (FORM + OAuth2).

I tried to follow this tutorial but it is based on Spring Boot + AngularJS, while I'm using plain HTML + Thymeleaf.

This is my current Spring Security configuration:

http.authorizeRequests() //
     .antMatchers("/css/**").permitAll() // static resources
     .antMatchers("/webjars/**").permitAll() // static resources
     .antMatchers("/images/**").permitAll() // static resources
     .antMatchers("/login").permitAll().anyRequest().authenticated();
http.formLogin()
     .failureUrl("/login?error").defaultSuccessUrl("/").loginPage("/login").permitAll()//
     .and().logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
     .logoutSuccessUrl("/login?logout").permitAll();

What should I add to configure OAuth2 and to get user info once authenticated?


UPDATE: After some googling I found that the way to go could be to use this dependency:

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-social-facebook</artifactId>
</dependency>

in place of plain spring-security-oauth2, but I still can't find a simple way to achieve what I want.

The best tutorial I found is this, but it is a bit dated and is not based on Spring Boot, so I can't tell whether some utility and autoconfiguration exist.

davioooh

1 Answer

0

I tried to use this tutorial for another social network, but I gathered that your application, as the client, has to provide the following config in application.yml:

facebook:
  client:
    clientId: 233668646673605
    clientSecret: 33b17e044ee6a4fa383f46ec6e28ea1d
    accessTokenUri: https://graph.facebook.com/oauth/access_token
    userAuthorizationUri: https://www.facebook.com/dialog/oauth
    tokenName: oauth_token
    authenticationScheme: query
    clientAuthenticationScheme: form
  resource:
    userInfoUri: https://graph.facebook.com/me

This info will be used during the OAuth2 process to get the authorization token.

I resolved my problem of configuring simple OAuth2 with Spring through my Authorization Server; you can check my answer here if you haven't found how to do it.

Sergii Getman
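One way to wire the answer's `facebook.client` / `facebook.resource` properties into the question's form-login setup, as an added example that is not code from the question or the answer. The class name `SecurityConfig` and the `/login/facebook` path are assumptions; the classes used are those of spring-security-oauth2 and Spring Boot 1.4.

```java
import javax.servlet.Filter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.security.oauth2.resource.*;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.*;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.oauth2.client.*;
import org.springframework.security.oauth2.client.filter.*;
import org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableOAuth2Client;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;

@Configuration
@EnableOAuth2Client
public class SecurityConfig extends WebSecurityConfigurerAdapter { // class name is an assumption
    @Autowired private OAuth2ClientContext oauth2ClientContext;
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
            .antMatchers("/css/**", "/webjars/**", "/images/**", "/login").permitAll()
            .anyRequest().authenticated();
        // Form login as in the question (its logout settings carry over unchanged).
        http.formLogin().loginPage("/login").failureUrl("/login?error").defaultSuccessUrl("/");
        // Assumed path: a link to /login/facebook on the login page starts the OAuth2 flow.
        http.addFilterBefore(facebookFilter(), BasicAuthenticationFilter.class);
    }
    private Filter facebookFilter() {
        OAuth2ClientAuthenticationProcessingFilter filter =
            new OAuth2ClientAuthenticationProcessingFilter("/login/facebook");
        OAuth2RestTemplate template = new OAuth2RestTemplate(facebook(), oauth2ClientContext);
        filter.setRestTemplate(template);
        // Fetches the user's profile from userInfoUri once the access token is obtained.
        UserInfoTokenServices tokenServices = new UserInfoTokenServices(
            facebookResource().getUserInfoUri(), facebook().getClientId());
        tokenServices.setRestTemplate(template);
        filter.setTokenServices(tokenServices);
        return filter;
    }
    @Bean @ConfigurationProperties("facebook.client")   // binds facebook.client.*
    public AuthorizationCodeResourceDetails facebook() { return new AuthorizationCodeResourceDetails(); }
    @Bean @ConfigurationProperties("facebook.resource") // binds facebook.resource.userInfoUri
    public ResourceServerProperties facebookResource() { return new ResourceServerProperties(); }
    @Bean // runs the redirect-handling filter ahead of the Spring Security chain
    public FilterRegistrationBean oauth2ClientFilterRegistration(OAuth2ClientContextFilter f) {
        FilterRegistrationBean r = new FilterRegistrationBean(f);
        r.setOrder(-100);
        return r;
    }
}
```

After a Facebook login the `Authentication` is an `OAuth2Authentication`, and the profile map returned by `userInfoUri` is available from `getUserAuthentication().getDetails()` for writing the user record to the application DB. Supply `facebook.client.clientSecret` from an environment variable or other external configuration rather than committing it in `application.yml`.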