
I'm setting up my Spring application with OAuth2 authorization. I have connected my application to the GitHub OAuth app, and I have added the dependencies. When I go to use Postman to test my application, I try to set up the OAuth2 under the authorization header to get the token to generate so I can access my account, but when I do, it gives me this error:

enter image description here

Am I supposed to add something to my code to make the token generate now? Or am I setting it up wrong?

Here is my code:

UserController.java

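import java.util.List;
import java.util.NoSuchElementException;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;

@RestController
@RequestMapping("/users")
public class UserController {
    @Autowired
    UserService userService;

    // GET /users: list every user
    @GetMapping("")
    public List<User> list() {
        return userService.listAllUser();
    }

    // GET /users/{id}: 200 with the user, or 404 when the id is unknown
    @GetMapping("/{id}")
    public ResponseEntity<User> get(@PathVariable Integer id) {
        try {
            User user = userService.getUser(id);
            return new ResponseEntity<User>(user, HttpStatus.OK);
        } catch (NoSuchElementException e) {
            return new ResponseEntity<User>(HttpStatus.NOT_FOUND);
        }
    }

    // POST /users/: create a user from the request body
    @PostMapping("/")
    public void add(@RequestBody User user) {
        userService.saveUser(user);
    }

    // PUT /users/{id}: overwrite an existing user, or 404 when the id is unknown
    @PutMapping("/{id}")
    public ResponseEntity<?> update(@RequestBody User user, @PathVariable Integer id) {
        try {
            // Existence check only; the NOT_FOUND path relies on getUser throwing
            userService.getUser(id);
            user.setId(id);
            userService.saveUser(user);
            return new ResponseEntity<>(HttpStatus.OK);
        } catch (NoSuchElementException e) {
            return new ResponseEntity<>(HttpStatus.NOT_FOUND);
        }
    }

    // DELETE /users/{id}
    @DeleteMapping("/{id}")
    public void delete(@PathVariable Integer id) {
        userService.deleteUser(id);
    }
}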

User.java

import javax.persistence.*; // jakarta.persistence.* on Spring Boot 3 and later

@Entity
@Access(AccessType.FIELD)
@Table(name = "USER_INFO")
public class User {
    // Field access: the mapping annotations live on the fields,
    // so the id mapping is declared once, here.
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    @Column(name = "USERINFOID", updatable = false, nullable = false)
    private int id;

    @Column(name = "USEREMAIL")
    private String email;

    @Column(name = "USERROLE")
    private int role;

    @Column(name = "USERSUBSCRIBED")
    private int subscribed;

    @Column(name = "FNAME")
    private String Fname;

    @Column(name = "LNAME")
    private String Lname;

    public User() {
    }

    public User(int id, String email, int role, int subscribed, String Fname, String Lname) {
        this.id = id;
        this.email = email;
        this.role = role;
        this.subscribed = subscribed;
        this.Fname = Fname;
        this.Lname = Lname;
    }

    public int getId() {
        return id;
    }

    public String getEmail() {
        return email;
    }

    public int getRole() {
        return role;
    }

    public int getSubscribed() {
        return subscribed;
    }

    public String getFname() {
        return Fname;
    }

    public String getLname() {
        return Lname;
    }

    // Used by UserController.update() to pin the id taken from the path
    public void setId(int id) {
        this.id = id;
    }
}

UserRepository.java

import org.springframework.data.jpa.repository.JpaRepository;

public interface UserRepository extends JpaRepository<User, Integer> {
}

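Application.java

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;

@SpringBootApplication
public class Application {

    public static void main(String[] args) {
        SpringApplication.run(Application.class, args);
    }
}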
google
  • How can we know? You have not provided any code. – Toerktumlare Aug 01 '22 at 21:29
  • The code provided contains NO security configuration. Please provide enough code for us to reproduce the problem. – Toerktumlare Aug 01 '22 at 22:25
  • I don't have security configuration. Is that what I should be adding? – google Aug 01 '22 at 22:37
  • How do you think your application knows it should connect to GitHub? You wrote `I'm setting up my Spring application with OAut2 authorization. I have connected my application to the github OAuth app`; I don't see any code that does this. Read the Spring Security documentation before asking on Stack Overflow. – Toerktumlare Aug 01 '22 at 22:39

1 Answer

What you are doing wrong: you have no knowledge of OAuth2. You need to understand it before you have a chance to correctly configure Spring applications.

You are obviously trying to configure a resource-server with GitHub as authorization-server.

Unfortunately, GitHub issues opaque tokens which can be used to query GitHub resources only. You can't easily use these tokens for securing your own resource-servers.

You might use an OIDC authorization-server capable of user identity federation (like Keycloak) in front of GitHub and then set up JWT security for Spring resource-servers. Tutorials here (with basic OAuth2 introduction).

ch4mp
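The JWT resource-server setup the answer recommends, as an added example that is not part of the original answer or the asker's project. It assumes the `spring-boot-starter-oauth2-resource-server` dependency is on the classpath; the class name `SecurityConfig` and the Keycloak realm URL are hypothetical placeholders.

```java
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.oauth2.jwt.JwtDecoder;
import org.springframework.security.oauth2.jwt.JwtDecoders;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
@EnableWebSecurity
public class SecurityConfig {

    // Assumption: placeholder issuer URL of a Keycloak realm that federates GitHub logins.
    private static final String ISSUER = "https://keycloak.example.com/realms/demo";

    @Bean
    SecurityFilterChain apiSecurity(HttpSecurity http) throws Exception {
        http
            // Every endpoint, including all of /users, requires an authenticated caller.
            .authorizeHttpRequests(auth -> auth.anyRequest().authenticated())
            // Treat the Authorization: Bearer value as a JWT and validate it.
            .oauth2ResourceServer(oauth2 -> oauth2.jwt(Customizer.withDefaults()))
            // Token-only API: no HTTP session is created, so CSRF protection is not needed.
            .sessionManagement(s -> s.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
            .csrf(csrf -> csrf.disable());
        return http.build();
    }

    @Bean
    JwtDecoder jwtDecoder() {
        // Reads the issuer's metadata and signing keys at startup; the resulting
        // decoder checks signature, expiry and the iss claim on every token.
        return JwtDecoders.fromIssuerLocation(ISSUER);
    }
}
```

With this configuration a request without a valid JWT from that issuer gets a 401, and a GitHub access token is rejected as well because it is opaque rather than a JWT.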