Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Building Microservices Using Spring Boot and Securing Them With OAuth and OpenID - Part 2

DZone's Guide to

Building Microservices Using Spring Boot and Securing Them With OAuth and OpenID - Part 2

This walkthrough continues the process of creating a microservice using OAuth 2.0 and OpenID Connect to authenticate with Google and send information to the user.

· Integration Zone
Free Resource

The Integration Zone is brought to you in partnership with Cloud Elements. What's below the surface of an API integration? Download The Definitive Guide to API Integrations to start building an API strategy.

In this walkthrough, learn how to easily configure and deploy microservices with Spring Boot, then secure them using Google OAuth and OpenID.

This microservice will use OAuth 2.0 and OpenID Connect to authenticate in Google and get information to the user.

Technology Stack

  • Maven;
  • Spring Boot;
  • Spring Web;
  • Spring Security;
  • OAuth2 authentication;
  • Google OAuth2 configuration.

Before we start on the code, let's configure the Google OAuth 2.0. Let's go to the below URL:

https://console.developers.google.com/

Image title

Click on "credentials" and "create credentials."

Image title

Then click on "OAuth client ID." It will open a new window with more options.

Image title

Clicking on "Web application" will give you more options to create a client ID.

Image title

Name your client ID based on your application. In the Authorized JavaScript origins field, enter the origin for your app. You can enter multiple origins to allow for your app to run on different protocols, domains, or subdomains. The Authorized redirect URIs is where the client will get send to after the account authorization is successful. Make sure to provide an exact path and it is case sensitive.

In my project, I have defined the Authorized redirect URI as http://localhost:8080/google/login.

Finally, click on Create button to create your client credentials to get your OAuth 2.0 client ID.

Image title

With all above steps, you will get:

1. Client ID

2. Client Secret

You need to use both in your Java project (in the application.yml file).

How to Start the Spring Boot Application

Create a Spring Boot application using:

  • start.spring.io

  • Eclipse STS

Make sure to use JDK 1.8 for Spring Boot. Spring Boot does not support any lower version than JDK 1.8.

A class that can be used to bootstrap and launch a Spring application from a Java main method:

 @Configuration
 @EnableAutoConfiguration
 public class MyApplication  {

   public static void main(String[] args) throws Exception {
     SpringApplication.run(MyApplication.class, args);
   }
 }

Below is an application.yml that you need to configure for OAuth 2.0.

# Spring Boot configuration
spring:
  profiles:
    active: googleOAuth
# Spring Security configuration
security:
  oauth2:
    client:
      clientId: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
      clientSecret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
      accessTokenUri: https://www.googleapis.com/oauth2/v4/token
      userAuthorizationUri: https://accounts.google.com/o/oauth2/v2/auth
      clientAuthenticationScheme: form
      scope: email
      #scope: https://www.googleapis.com/auth/games
    resource:
      userInfoUri: https://www.googleapis.com/oauth2/v3/userinfo
      preferTokenInfo: true
# Server configuration
server:
 port: 8080

By the way, you can configure the port of your server using the above yml file.

You can check the complete code in my repository.

If you have any questions, please comment.

I will show you on how to create your own Auth Server and Resource server in the next part of this series.

Your API is not enough. Learn why (and how) leading SaaS providers are turning their products into platforms with API integration in the ebook, Build Platforms, Not Products from Cloud Elements.

Topics:
oauth ,openid ,spring boot ,microservices ,integration

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}