00:00
in this video let's see how can you get the Google or GitHub or any login in your website see what happens is when you build application of course you want to secure it and one way to secure it is through the login forms and normally what you do is when you say you are
00:16
allowing your user to log in so that we can provide them the resource you have to verify the username password from the database and we have done that before right now what I'm doing is let's say you build an application and then with the username password you also want an option of someone can log in through
00:31
their Google account or their GitHub account it will be easier for users to log in and most of the time when I want to access any resource or any application I prefer to log in through Google Now Google already knows lot of lot about me right they have all my information and I can use that and they
00:47
already have my username password so what if this application can ask Google hey you know this person is claiming to be naven can you just confirm that he's naven so that's how you basically verify and to achieve that what you can do is on your page you can have a Google login or GitHub login option and to do that
01:03
we'll build a very simple project let's not work with the older projects let's create a small project with a small resource and let's see how do you provide the Google or GitHub access to it so the first thing I will do is I will create a new project and to do that I will go to start.spring.io if you have ultimate version of IntelliJ IDEA or
01:20
spring or STS you can use that so here I want to create a project and I will say make sure that this is Maven Java project and the spring boot version the latest is 3.3.2 depend upon when you are watching this you can just change it and the group ID will mention is com. telescope the project name I will make
01:36
sure as OAuth2 now why it is OAuth2 because if you want to provide this option of using someone else authorization server to verify uh we can use a protocol called OAuth and the version is OAuth 2 so we'll use that so we'll say spring OAuth2 demo
01:54
and the packaging will be jar the Java was 21 on this machine let's add dependency So when you say OAuth you can actually create your own OAuth2 server using spring but since we want to use some other services like Google or GitHub we'll use a client there but before we add that we also have to make
02:10
sure that we also get spring web and the OAuth2 client now of course you might be saying we also need a Spring Security right because it's a login thing the thing is the OAuth2 client itself will give you all the spring security dependencies so we just need the spring web and
02:26
OAuth2 client and click on generate this will give you a project which you have to unzip it and open your IDE so unzipping done let me go back to my IDE this is the earlier project which we were doing for JWT will not touch it I will click on open and let's open this new project click on open and okay so
02:43
first of all I will just stop this server just click on new window um disconnect okay sometime you know when you disconnect or terminate it will not free up the port I think it's with terminate so let's see I hope the port number 88 is available otherwise we'll change it so so the first thing I
03:00
want to verify if this is working so I will just run this application to see what goes wrong uh we have not done the mapping yet no resource created let's run this and see what goes wrong the moment you run this it will give you some errors okay first of all it says the port number is busy okay that's
03:16
the mistake right so for the older one I should have stopped it um do I have the option it's closed okay so what I can do is I I start my machine that's the solution I found if you have other solution let me know I can just change the port number I will say server.port
03:34
equal to 8080 maybe I will say 8000 let's use port number 8000 let's run this and this time it should not give you this error of 8080 busy because we're using a different port number let's see okay so it says Tomcat started at Port number 8000 I'm happy okay now let's
03:49
create some resource in fact even before you go for the resource let me just go to the page of uh okay not this port number this was the earlier project it's 8000 on enter and it is giving you a login form go back to Spring Security right when you add Spring Security
04:05
modules it will give the login form right but hey I don't want a login form I want buttons here for the Google or GitHub I don't have it and even if you pass the username password you don't know the username and password right or maybe maybe you will get it in your console but if you scroll you don't even have a password here okay no problem
04:21
what I will do is I will create a simple resource which I want to access so first of all which those resource I want to access I will create a class and this will be my hello controller and I will make this as a rest client so I will say rest controller I mean not a client rest controller and let's create a method
04:37
which will do something so I will say public string I know we are using the same method every time but it works right and here I will say this is get mapping this will be mapping for the homepage request or maybe I can specify some URL or maybe homepage works and here I will say return welcome to TCO
04:54
I'll give a comma and I'll say tesco.com no harm in uh product marketing okay what do you call this there's a word for this right when you pitch in a product inside the script uh I forgot what it called doesn't matter okay come back so we are we are saying T come and this should work so let's relaunch it and
05:11
actually it will not work the reason being uh we it will still ask you for the login form right and we don't want a login form so if I go back and hit the homepage it will again give you login form now how do you stop default configuration so one way to do that is you have to do the spring config okay
05:26
and still if you want to see the homepage what I will do is I will just go back to my pom file and I can disable it so I can disable the spring OAuth2 client or yeah so what it will do is it will also disable the Spring Security configuration so let's go back to the browser and say refresh or not for the
05:42
login form I will say enter okay still giving me login form oh I forgot to do one important thing you have to reload your Maven before you do that uh let's restart go back to the browser I don't want a login form now enter okay it's not really yeah so you can see it says welcome Toco disc.com so we are happy
05:59
and now uh let's enable it again let's reload the Maven changes I want to pass the security so we have done that before so if you want to pass the default security what you can do is you can create your own config file and I will name this as security config and on
06:14
top of this you will say this is configuration and also enable web security and then you have to just change one method basically you have to create one bean and I want a bean of security filter chain so I'll say public I want the method which will change the behavior of security filter chain uh I
06:31
will have a default name security filter chain and this should take an object of HttpSecurity I will say HTTP this might throw an exception the method I'm going to do so I want to basically return HTTP dot build so this build will return the object of security filter chain and this
06:47
might throw an exception so I will just say add throws exception okay now if you want to change the configuration in fact we have done this before right what you have to basically do is with the object of HTTP you have to add certain things in the previous sections we have talked about how do you disable the CSRF how do
07:03
you work with a custom login authentication but this time we don't want to do all those stuff we just want a Google login right so what you can do is you can use HTTP dot first of all I want to make sure that all the request should be authenticated so I will say authorize request if you don't do this
07:18
it will bypass security and you will be able to access resource I don't want to bypass security I want to restrict it so I will say au. any request will be authenticated by default your permit but I want to make it authenticated Now by doing this it will restrict you to accessing resource but with restriction
07:35
I also want to give them the access of login through Google so I say HTTP dot or maybe I can simply use the Builder pattern uh I will just enter this and instead of having a semicolon here so now we'll say dot and there's option of OAuth2 and we have to specify we are going
07:50
for a login and login with the customizer dot with defaults and that's it it's so simple right now by doing this you are making sure that you are specifying that hey I want to use OAuth2 for the login and this should work and it will not you know why because we are
08:05
saying OAuth2 login right but in this world Google is not the only OAuth provider there are lot of different servers using which you can do that maybe you can create your own servers how I mean nobody we are specifying that we have to use Google login and that's what it is complaining about if you see it says
08:21
parameters zero of method uh set filter chain blah blah blah uh web security configuration required the OAuth2 registration uh so that is not found so the repository is not there so that means we have to pass which login you want to go for okay and that you can do in the
08:39
configuration so you can go to your application properties and this is where you can mention those properties so what are the properties of course you don't have to by heart this you can just get it from Google so you can say spring.security dot we want to work with oauth2 and we are specifying the clients here and we have to do the registration
08:55
that's what it was saying in the console and then we have to specify which server we are using so we are using Google here so for GitHub it will change to GitHub Dot and you have to specify two things one is the client ID and then you have to specify the client secret as well so client is something which people can see
09:10
but client secret is only developers can see or people who are building this so I want a same thing but with the client secret so I will just copy paste here and I will say client secret this is like more like a password or maybe you can think about username password if that makes sense but the question is
09:26
from where exactly I will get this client ID and client secret now these are the steps you have to do so what I will do is I will go back to my browser so search for Google Cloud console and go to this website and this is where you can get it so if you see there's option of API and services if you click here I
09:42
want to create a new credential so this is the basically API services from Google Cloud uh and you need a developer account for that so make sure that in your personal account you have a developer account uh go to credentials and if you don't have a consent screen by default it will give you some issues
09:57
so make sure that if you're doing this for the first time it will give you a consent screen just make sure that you complete it it's a form which you have to complete where you specify your app and stuff so do that and then you will see this option otherwise click on I mean if it is already there you can click on credentials and click on create
10:13
credentials and then we are creating an OAuth uh client ID click on this now this will ask you for the application type now you can build you can get your client ID for web application for the Android for the Chrome extension iOS and blah blah blah there are so many options here I want to
10:30
go for the web application so I will choose that next I want to specify the name I will say uh test app if that works yeah test app and then we have to specify the authorized redirect URL or URI and here you have to mention HTTP
10:47
colon Local Host colon 880 this is your browser name or the whatever URL you have so not 880 it is 8000 slash so to say login slash oauth2 slash code slash google now again you
11:03
don't have this you can also get it from Google if you search and then you have to click on create so if you have your website already deployed you can use that URL instead of the Local Host colon 8000 now once you do that it will give you two things it will give you client ID it will give you client secret so I
11:20
will just copy this and put it somewhere so I will say client ID is this and then I have to specify the client uh secret and that is this so you can just copy this and make sure that you don't share this secret with anyone you can see that on the screen is because once the sessions
11:35
gets over I will delete those two things I mean I will delete this particular API okay and now uh I can use these two things so I can just copy this client ID and go back to your uh IDE database IDE and paste the client ID then you have to specify the the secret which is here
11:53
I'll just copy this and paste it here that's it these are the two things you have to specify and once you do that let's restart the application and hopefully this will work this time it should not give you those error so you can see there's no error but let's verify if this is working so let's go back to our browser and Local Host 880 I
12:10
will say enter and you can see it is giving the option of login directly normally it should give you an option of this should be a button okay not 880 okay there should be a button of Google and then it should give you this
12:26
I'm not sure why it is directly going this maybe I will just add one so that you know when you have your own UI you can customize the way you want uh but yeah it gives you button and then when you click on it and let me know if it is happening with you as well in the comments and you can choose your email account and you can login now example if I choose my my personal email account it
12:42
will say Okay I want to give the access continue and now I'm logged in and you can see we got welcome to disco.com now I don't have to log in again every time I go this it will use that token from given by Google it will log in okay uh so that's one this is for the uh Google what about GitHub same thing for the
12:59
GitHub also uh let's copy these two things and paste the only change you have to make here is GitHub and GitHub okay now this client ID and secret key will not work we have to change this as well okay now from where you will get this of course the way we got it from Google
13:15
there should be option of GitHub as well so if I go to GitHub this is my repository uh if you're not following yet do that do that and if I go back I have to log to my GitHub let's do that so basically I've also enabled the two authentication I can use authorization
13:31
app or I can use a pass key from my Mac okay I'm logged in okay once you're logged in you can just go to this and click on settings and once you come on this page just scroll down at the last not this much last click on the developers setting and you can see
13:48
there's option of OAuth apps already have one maybe you will see an option of there's no apps available you can click on new OAuth app and give a name I will again go for test app the home URL I'll mention is this I don't want to specify
14:04
any description but URL the call back URL is important the same way we have done it for the Google we'll do it here so HTTP colon slash localhost colon 8000 slash login slash okay it's already giving me option here I'll just copy this so this is the same thing right the only thing
14:20
is in Google it was Google it is now GitHub here and click on register that's it you got your details now where you will find the client ID oh that's very easy we got the client ID here I will just copy this and paste it in here and the secret okay so secret how will you
14:37
get it now you can see there's it is not showing anything so I will click on generate a new client secret and I got it here and I'll paste it here that's it these are the two things you have to mention the client ID and the client secret by doing those things let's restart the application and let's go
14:53
back to the browser again the same page enter okay now you can see we got two options the Google login or GitHub login we tried for Google let's try for GitHub now click on this it says since I'm already logged on GitHub it says authorize N Ready yes click on this and
15:10
I'm logged in and now it says welcome to the lore so it's so easy to get uh the logins right and yeah that's how basically you log through your OAuth2 clients it can you can use Google you can use GitHub maybe Facebook try out different platforms and let me know in the comments what other platforms you
15:26
have used and also if you can share how you did it in the comments it will be helpful for others so that's it from this video where we have seen how do we use OAuth2 client in fact you can also create your own OAuth2 servers in future maybe I will make videos on that not not in plan
15:41
as of now but let me know I will try to creating OAuth2 servers so that's it from this video so I hope you enjoyed the entire series on Spring Security and this is kind of the end of Spring Security at this point and see in the upcoming sessions or upcoming videos bye-bye