more config

R-Sandor · R-Sandor · commit e64177439829 · 2025-06-18T09:40:40.000-04:00
diff --git a/server/src/main/java/dev/findfirst/security/config/Oauth2BeanConfig.java b/server/src/main/java/dev/findfirst/security/config/Oauth2BeanConfig.java
@@ -3,23 +3,39 @@
 import dev.findfirst.security.conditions.OAuthClientsCondition;
 import dev.findfirst.security.jwt.service.RefreshTokenService;
 import dev.findfirst.security.jwt.service.TokenService;
+import dev.findfirst.security.oauth2client.OauthUserService;
 import dev.findfirst.security.oauth2client.handlers.Oauth2LoginSuccessHandler;
-
+import dev.findfirst.users.repository.UserRepo;
+import dev.findfirst.users.service.UserManagementService;
 import lombok.RequiredArgsConstructor;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Conditional;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService;
+import org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest;
+import org.springframework.security.oauth2.client.userinfo.OAuth2UserService;
+import org.springframework.security.oauth2.core.user.OAuth2User;
 
 @Configuration
 @RequiredArgsConstructor
 public class Oauth2BeanConfig {
 
-  final TokenService ts;
-  final RefreshTokenService rt;
+  private final TokenService ts;
+
+  private final RefreshTokenService rt;
 
   @Bean
   @Conditional(OAuthClientsCondition.class)
   public Oauth2LoginSuccessHandler oauth2Success() {
     return new Oauth2LoginSuccessHandler(ts, rt);
   }
+
+  @Bean
+  @Qualifier("defaultOauthService")
+  public OAuth2UserService<OAuth2UserRequest, OAuth2User> defaultOAuth2UserService() {
+    return new DefaultOAuth2UserService();
+  }
 }
diff --git a/server/src/main/java/dev/findfirst/security/oauth2client/OauthUserService.java b/server/src/main/java/dev/findfirst/security/oauth2client/OauthUserService.java
@@ -8,6 +8,7 @@
 import java.util.UUID;
 import java.util.function.Supplier;
 
+import dev.findfirst.security.conditions.OAuthClientsCondition;
 import dev.findfirst.security.userauth.models.payload.request.SignupRequest;
 import dev.findfirst.users.exceptions.EmailAlreadyRegisteredException;
 import dev.findfirst.users.exceptions.UserNameTakenException;
@@ -18,8 +19,12 @@
 
 import lombok.AllArgsConstructor;
 import lombok.NoArgsConstructor;
+import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.context.annotation.Conditional;
+import org.springframework.context.annotation.Primary;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService;
@@ -32,25 +37,24 @@
 import org.springframework.transaction.annotation.Transactional;
 
 @Service
+@Conditional(OAuthClientsCondition.class)
 @Slf4j
-@AllArgsConstructor
-@NoArgsConstructor
+@RequiredArgsConstructor
+@Primary
 public class OauthUserService implements OAuth2UserService<OAuth2UserRequest, OAuth2User> {
 
-  @Autowired
-  private UserRepo userRepo;
+  private final UserRepo userRepo;
 
-  @Autowired
-  private UserManagementService ums;
+  private final UserManagementService ums;
 
-  @Autowired(required = false)
-  private DefaultOAuth2UserService oAuth2UserService;
+  @Qualifier("defaultOauthService")
+  private final OAuth2UserService<OAuth2UserRequest, OAuth2User> delegate;
 
   @Transactional
   @Override
   public OAuth2User loadUser(OAuth2UserRequest userRequest) throws OAuth2AuthenticationException {
     log.debug("attempt to loadUser");
-    OAuth2User oAuth2User = oAuth2UserService.loadUser(userRequest);
+    OAuth2User oAuth2User = delegate.loadUser(userRequest);
     User user = null;
 
     // user exists in database by email
@@ -67,8 +71,7 @@ public OAuth2User loadUser(OAuth2UserRequest userRequest) throws OAuth2Authentic
 
     var username = attrs.get(userNameAttributeName).toString();
     final var registrationId = userRequest.getClientRegistration().getClientId();
-    final var oauth2PlaceholderEmail =
-        "generated-" + username + registrationId + "@noemail.invalid";
+    final var oauth2PlaceholderEmail = "generated-" + username + registrationId + "@noemail.invalid";
 
     Supplier<User> signup = () -> {
       try {
@@ -98,12 +101,10 @@ else if (username != null && !username.isEmpty()) {
       throw new RuntimeException("Error with user signup/signin");
     }
 
-    int userRole =
-        (user.getRole() == null || user.getRole().getId() == null) ? 0 : user.getRole().getId();
+    int userRole = (user.getRole() == null || user.getRole().getId() == null) ? 0 : user.getRole().getId();
 
     GrantedAuthority authority = new SimpleGrantedAuthority(URole.values()[userRole].toString());
-    var attributes =
-        customAttribute(attrs, userNameAttributeName, user.getUserId(), registrationId);
+    var attributes = customAttribute(attrs, userNameAttributeName, user.getUserId(), registrationId);
 
     return new DefaultOAuth2User(Collections.singletonList(authority), attributes,
         userNameAttributeName);
diff --git a/server/src/main/resources/application-dev.properties b/server/src/main/resources/application-dev.properties
@@ -32,7 +32,4 @@ spring.devtools.restart.enabled=true
 spring.devtools.restart.pollInterval=10s
 spring.flyway.locations=classpath:db/migration,classpath:db/dev
 
-# spring.security.oauth2.client.registration.github.client-id=
-# spring.security.oauth2.client.registration.github.client-secret=
-
 logging.level.org.springframework.security=TRACE
diff --git a/server/src/main/resources/application.properties b/server/src/main/resources/application.properties
@@ -44,4 +44,5 @@ findfirst.upload.max-file-size=2097152
 spring.servlet.multipart.max-file-size=32MB
 spring.servlet.multipart.max-request-size=32MB
 
-
+spring.security.oauth2.client.registration.github.client-id=Ov23linhbDJ7ytuPfdT7
+spring.security.oauth2.client.registration.github.client-secret=bd3ba6d1e66c4cc2b95c8aca76d08594e85930dd
diff --git a/server/src/test/java/dev/findfirst/security/oauth2/OauthUserServiceTest.java b/server/src/test/java/dev/findfirst/security/oauth2/OauthUserServiceTest.java
@@ -150,15 +150,15 @@ void hasUsernameFromOauthEmailButDoesNotExistAsUserAccountYet()
     OAuth2AccessToken token = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER, "token",
         Instant.now(), Instant.now().plusSeconds(3600));
 
-    ClientRegistration clientRegistration = ClientRegistration.withRegistrationId("github")
+    ClientRegistration clientRegistration = ClientRegistration.withRegistrationId("gmail")
         .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE).clientId("clientId")
         .clientSecret("clientSecret").redirectUri("localhost:8080")
         .authorizationUri("localhost:8080/authorizationUri").tokenUri("localhost:8080/tokenUri")
         .userInfoUri("http://localhost:8080/userInfoUri").userNameAttributeName("username").build();
     OAuth2UserRequest request = new OAuth2UserRequest(clientRegistration, token);
 
     Map<String, Object> attributes = new HashMap<>();
-    attributes.put("login", username);
+    attributes.put("username", username);
     attributes.put("email", email);
 
     when(defaultOAuth2UserService.loadUser(request)).thenReturn(oAuth2User);
