A simple demo of an OpenId Connect client using Spring Security and Spring OAuth2 to authenticate with the Google Identity Platform.
- Instructions assume you already have a Google account.
- Create a new project at Google Developer Console.
- Click on 'Credentials' on left menu.
- Click on 'OAuth consent screen' tab,
- Add 'Product name shown to users' e.g. MyThingyApp. Save.
- Click 'Create credentials' and select 'OAuth client ID'.
- Credentials: Create Client ID: Select 'Web Application'.
- Credentials: Create Client ID: Set 'Authorised redirect URIs': http://localhost:8080/login
- Click 'Create'. This will create your OAuth2 clientId and clientSecret.
- Rename application.properties.templatetoapplication.properties.
- Add your clientId and clientSecret to the application.propertiesfile.
- Update google.openidconnect.optional.scopesinapplication.propertiesas required.
- Build the app: mvn clean install
- Start the app: mvn spring-boot:run
- Open a browser and go to: http://localhost:8080
Once you've authenticated with Google and authorized the app, you should get redirected to the Homepage:
Secured Homepage
UserId: ALongNumber
Email: <username>@gmail.com
It's worth taking a look at the browser network tab to see the OpenID Connect interactions. The app console log dumps out some useful stuff too, e.g. token details and user info.
A bare-bones integration test is included and can be run as part of the build. To do this:
- Start the app: mvn spring-boot:run
- Run the test: mvn verify -Dskip.integration.tests=false
This app was inspired by the excellent tutorial written by eugenp. The integration test originated from code written by fromi.
- A good introduction to OpenID Connect.
- OpenID Connect Core Specification.
- RFC7519 - the Java Web Token (JWT) spec.
- A useful JWT Debugger.