Set up Google Cloud Identity Platform:
Go to the Google Cloud Console.
Create a new project or select an existing one.
Navigate to "Identity Platform" and enable it for your project.
Set up OAuth 2.0 credentials by going to "APIs & Services" > "Credentials" and
creating a new OAuth 2.0 client ID. Make sure to note the Client ID and Client
Secret.
Configure OAuth consent screen by adding necessary information.
Add necessary dependencies to your Spring Boot project:
Add the following dependencies to your pom.xml if you're using Maven:
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-oauth2-client</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-oauth2-resource-server</artifactId>
</dependency>
Configure application properties:
Add the following configuration to your application.properties or application.yml
file:
spring.security.oauth2.client.registration.google.client-id=YOUR_CLIENT_ID
spring.security.oauth2.client.registration.google.client-secret=YOUR_CLIENT_SECRET
spring.security.oauth2.client.registration.google.scope=openid,profile,email
spring.security.oauth2.client.provider.google.authorization-uri=https://
accounts.google.com/o/oauth2/auth
spring.security.oauth2.client.provider.google.token-uri=https://
oauth2.googleapis.com/token
spring.security.oauth2.client.provider.google.user-info-uri=https://
www.googleapis.com/oauth2/v3/userinfo
spring.security.oauth2.client.provider.google.jwk-set-uri=https://
www.googleapis.com/oauth2/v3/certs
Replace YOUR_CLIENT_ID and YOUR_CLIENT_SECRET with the values from your Google
Cloud OAuth 2.0 credentials.
Configure Spring Security:
Create a SecurityConfig class to configure Spring Security to use OAuth 2.0 login
with Google.
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import
�org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import
org.springframework.security.config.annotation.web.configuration.WebSecurityConfigu
rerAdapter;
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/", "/public/**").permitAll() // Allow public access
to some endpoints
.anyRequest().authenticated() // Secure all other endpoints
.and()
.oauth2Login(); // Enable OAuth 2.0 login
}
}
Create a Controller to handle authenticated requests:
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.security.oauth2.core.oidc.user.OidcUser;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.GetMapping;
@Controller
public class HomeController {
@GetMapping("/")
public String home(Model model, @AuthenticationPrincipal OidcUser principal) {
if (principal != null) {
model.addAttribute("name", principal.getName());
model.addAttribute("email", principal.getEmail());
}
return "home"; // Return the name of the view template
}
}
Create a simple HTML page for the home view:
Create an src/main/resources/templates/home.html file:
<!DOCTYPE html>
<html xmlns:th="http://www.thymeleaf.org">
<head>
<title>Home</title>
</head>
<body>
<h1>Welcome</h1>
<div th:if="${name}">
<p>Hello, <span th:text="${name}"></span>!</p>
<p>Your email: <span th:text="${email}"></span></p>
<a href="/logout">Logout</a>
</div>
<div th:if="${name == null}">
� <a href="/oauth2/authorization/google">Login with Google</a>
</div>
</body>
</html>
This configuration sets up Google OAuth 2.0 login with Spring Security in a Spring
Boot application. Users can log in with their Google account, and authenticated
users will see their name and email displayed on the home page.
