Minor refactor for oauth.:wq
parent
2592d338bb
commit
16180f4c6d
|
@ -62,9 +62,9 @@ Test coverage report of unit and integration test can be found in wisemapping-op
|
|||
## Google authorization
|
||||
|
||||
You must configure the following wisemapping properties (app.properties) in order to get google authorization working
|
||||
* `google.oauth2.callbackUrl`: url where google will redirect after user authentication, tipically {frontendBaseUrl}/c/registration-google. Also, this url must be defined in google app configuration
|
||||
* `google.oauth2.clientId`: client id from google app
|
||||
* `google.oauth2.clientSecret`: client secret from google app
|
||||
* `security.oauth2.google.callbackUrl`: url where google will redirect after user authentication, tipically {frontendBaseUrl}/c/registration-google. Also, this url must be defined in google app configuration
|
||||
* `security.oauth2.google.clientId`: client id from google app
|
||||
* `security.oauth2.google.clientSecret`: client secret from google app
|
||||
|
||||
You must create a Google Application in [Google Cloud](https://console.cloud.google.com) and complete all the information required by Google. Here are the most important properties.
|
||||
|
||||
|
|
|
@ -54,7 +54,7 @@ public class RequestPropertiesInterceptor implements HandlerInterceptor {
|
|||
@Value("${security.type}")
|
||||
private String securityType;
|
||||
|
||||
@Value("${google.oauth2.url}")
|
||||
@Value("${security.oauth2.google.url}")
|
||||
private String googleOauth2Url;
|
||||
|
||||
@Override
|
||||
|
@ -67,7 +67,7 @@ public class RequestPropertiesInterceptor implements HandlerInterceptor {
|
|||
request.setAttribute("google.recaptcha2.enabled", recaptcha2Enabled);
|
||||
request.setAttribute("google.recaptcha2.siteKey", recaptcha2SiteKey);
|
||||
|
||||
request.setAttribute("google.oauth2.url", googleOauth2Url);
|
||||
request.setAttribute("security.oauth2.google.url", googleOauth2Url);
|
||||
|
||||
request.setAttribute("site.homepage", siteHomepage);
|
||||
request.setAttribute("site.static.js.url", siteStaticUrl);
|
||||
|
|
|
@ -134,22 +134,28 @@ security.ldap.auth.attribute=mail
|
|||
security.ldap.lastName.attribute=sn
|
||||
security.ldap.firstName.attribute=givenName
|
||||
|
||||
#######################################################################################
|
||||
# Google OAuth Authentication
|
||||
#######################################################################################
|
||||
|
||||
# Redirect to this url, this url must be configured in the google app {baseurl}/c/registration-google
|
||||
security.oauth2.google.callbackUrl=https://wisemapping.com/c/registration-google
|
||||
# Google service for finish registration process, ie. exchange temporal code for user token
|
||||
security.oauth2.google.confirmUrl=https://oauth2.googleapis.com/token
|
||||
# Google service for get user data (name, email, etc)
|
||||
security.oauth2.google.userinfoUrl=https://www.googleapis.com/oauth2/v3/userinfo
|
||||
# Url for starting auth process with google
|
||||
security.oauth2.google.url=https://accounts.google.com/o/oauth2/v2/auth?redirect_uri=${security.oauth2.google.callbackUrl}&prompt=consent&response_type=code&client_id=${security.oauth2.google.clientId}&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile%20https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email&access_type=offline&state=wisemapping&include_granted_scopes=true
|
||||
|
||||
# Configure the following settings ...
|
||||
# OAuth Client id
|
||||
#security.oauth2.google.clientId=
|
||||
# OAuth Client secret
|
||||
#security.oauth2.google.clientSecret=
|
||||
|
||||
#######################################################################################
|
||||
# User Account filtering policies
|
||||
#######################################################################################
|
||||
|
||||
# Coma separated list of domains and emails ban
|
||||
#accounts.exclusion.domain=
|
||||
|
||||
# google will redirect to this url, this url must be configured in the google app
|
||||
# {baseurl}/c/registration-google
|
||||
google.oauth2.callbackUrl=https://wisemapping.com/c/registration-google
|
||||
# google app client id
|
||||
google.oauth2.clientId=
|
||||
# google app client secret
|
||||
google.oauth2.clientSecret=
|
||||
# google service for finish registration process, ie. exchange temporal code for user token
|
||||
google.oauth2.confirmUrl=https://oauth2.googleapis.com/token
|
||||
# google service for get user data (name, email, etc)
|
||||
google.oauth2.userinfoUrl=https://www.googleapis.com/oauth2/v3/userinfo
|
||||
# url for starting auth process with google
|
||||
google.oauth2.url=https://accounts.google.com/o/oauth2/v2/auth?redirect_uri=${google.oauth2.callbackUrl}&prompt=consent&response_type=code&client_id=${google.oauth2.clientId}&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile%20https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email&access_type=offline&state=wisemapping&include_granted_scopes=true
|
||||
|
||||
|
|
|
@ -23,11 +23,11 @@
|
|||
|
||||
<bean id="googleService" class="com.wisemapping.service.google.GoogleService">
|
||||
<property name="httpInvoker" ref="httpInvoker"/>
|
||||
<property name="optinConfirmUrl" value="${google.oauth2.confirmUrl}"/>
|
||||
<property name="accountBasicDataUrl" value="${google.oauth2.userinfoUrl}"/>
|
||||
<property name="clientId" value="${google.oauth2.clientId}"/>
|
||||
<property name="clientSecret" value="${google.oauth2.clientSecret}"/>
|
||||
<property name="callbackUrl" value="${google.oauth2.callbackUrl}"/>
|
||||
<property name="optinConfirmUrl" value="${security.oauth2.google.confirmUrl}"/>
|
||||
<property name="accountBasicDataUrl" value="${security.oauth2.google.userinfoUrl}"/>
|
||||
<property name="clientId" value="${security.oauth2.google.clientId}"/>
|
||||
<property name="clientSecret" value="${security.oauth2.google.clientSecret}"/>
|
||||
<property name="callbackUrl" value="${security.oauth2.google.callbackUrl}"/>
|
||||
</bean>
|
||||
|
||||
<bean id="userServiceTarget" class="com.wisemapping.service.UserServiceImpl">
|
||||
|
|
|
@ -20,7 +20,7 @@
|
|||
clientType: 'rest',
|
||||
recaptcha2Enabled: ${requestScope['google.recaptcha2.enabled']},
|
||||
recaptcha2SiteKey: '${requestScope['google.recaptcha2.siteKey']}',
|
||||
googleOauth2Url: '${requestScope['google.oauth2.url']}'
|
||||
googleOauth2Url: '${requestScope['security.oauth2.google.url']}'
|
||||
};
|
||||
|
||||
</script>
|
||||
|
|
Loading…
Reference in New Issue