Skip to content
This repository

spring-security integration (spring-social-security) #12

Merged
merged 49 commits into from over 1 year ago

6 participants

Stefan Fussenegger Keith Donald Al Baker bfd Craig Walls Bruno Baia
Stefan Fussenegger

spring-security integration allowing OAuth authentication for spring-security.

Using the sample configuration all it takes is redirecting the user to /auth/facebook or /auth/twitter to add a connection (signed out) or authenticate (signed out).

Note that providers don't exist yet, as they should go into the newly created sub projects (spring-social-facebook, ...) (pull requests upcoming as soon as this one is done)

Keith Donald

Stefan,
Just wanted to get you an update here: we're working on getting RC1 out early this week, with a quick 1.0 to follow. I talked with Craig and we're gonna make integrating your Spring Security integration one of the top 1.1 priorities and expect the 1.1 cycle to move quickly as well.

Stefan Fussenegger

Keith, thanks for the update. Too bad security isn't making it into 1.0. I'm looking forward to 1.1 though.

For everybody interested in spring-security integration pre 1.1:

I've deployed Maven artifacts from our molindo branch to Sonatype's OSS Snapshot repository (using groupId at.molindo.social).

I'm not planning to to do a release, only snapshots, only until this pull request is closed.

PS: Monitoring of builds (CI/TeamCity) is also possible.

Stefan Fussenegger sfussenegger closed this
Stefan Fussenegger sfussenegger reopened this
Stefan Fussenegger

I've now updated the sample conf too. I've even added the necessary POM snippets to use my custom builds.

and others added some commits
Stefan Fussenegger ignore unknown providerIds allowing to handle them down the chain f09cf16
Stefan Fussenegger Merge branch 'master' into security ff0c991
Stefan Fussenegger fix for change of method name 2f90045
Stefan Fussenegger Merge branch 'master' into security f1b879f
Stefan Fussenegger configure default connectionAddedRedirectUrl for filter 2370e50
Stefan Fussenegger added failureHandler 4e48507
Stefan Fussenegger Merge branch 'master' into security d2e31b2
Stefan Fussenegger fixed build error after merging 4a6ee2d
Stefan Fussenegger changed addSignInAttempt(..) to replace existing, alwasy redirect to …
…signup url
81a9c98
Stefan Fussenegger Merge branch 'master' into security 4072bcc
Stefan Fussenegger optionaly update existing connections after auth success 1d9e3e2
Stefan Fussenegger Merge branch 'master' into security 65363aa
Stefan Fussenegger force UserDetails to remember userId 26a0d26
Stefan Fussenegger force UserDetails to remember userId 7e909f7
Stefan Fussenegger added possibility to remove SignInAttempt 1bf3bd5
Stefan Fussenegger configurable scope property 6d1d2dd
Stefan Fussenegger fixed possible NPE b48bbf1
Using COALESCE instead of IFNULL for Postgres 8.4 support. 53e10f8
Added default constructor for InsufficientPermissionsException for ti…
…mes when the required permission is unknown.
8e0736a
Added some tests around ConnectionKey's equals(), hashCode(), and toS…
…tring() methods as well as fixed symmetric bug in equals()
fbe87d5
Bruno Baia Polishing while porting to .NET c8c24eb
Updated H2 and Jackson dependency versions 4d08940
Return redirect URL from SignInAdapter and redirect to it in Provider…
…SignInController if it's not null. In this way it's possible for the SignInAdapter implementation to tell PSIC to redirect to the original target URL when the user was forced to sign in. SOCIAL-227
119b92a
Updated H2 version to 1.3.158 7dc8b56
polishing 0870acf
polish 7f81143
Update connection after provider sign in. SOCIAL-222 f5a36c2
ProviderSignInControllerTest a1bb632
Set Cache-Control: no-cache header in ConnectController for connectio…
…n status pages. SOCIAL-224
a5f1365
Set more cache-controlling headers to prevent caching of connection s…
…tatus pages. SOCIAL-224
2742a31
ConnectionKey implements Serializable. SOCIAL-225. 9a1a342
updated changelog.txt 9117603
Unified DuplicateTweetException and DuplicateStatusException into a c…
…ommon DuplicateStatusException
dd5b9f2
Stefan Fussenegger handle client errors while exchanging for access f4a45b6
Stefan Fussenegger throw exception if explicit auth fails ccfcc6f
Stefan Fussenegger fixed some bugs 2caf4ae
Al Baker

Any status on this pull request? Lots of folks looking for a more straight forward integration of Spring Security and Spring Social, such that social logins hook into the providers and create a login within spring security as well

Stefan Fussenegger Merge branch 'master' into security
Conflicts:
	build.gradle
	docs/src/info/changelog.txt
	spring-social-web/src/main/java/org/springframework/social/connect/web/ConnectController.java
	spring-social-web/src/main/java/org/springframework/social/connect/web/ProviderSignInController.java
	spring-social-web/src/test/java/org/springframework/social/connect/web/ProviderSignInControllerTest.java
9533974
Stefan Fussenegger fixed after merging 6e6bb56
bfd
bfd commented

I second this request, it would be very helpful to have this in an official form and repository of some kind.

Stefan Fussenegger

@kdonald @habuma Any news on spring-social integration plans?

Craig Walls
Collaborator
habuma commented

It's on the roadmap for 1.1 and I hope to be able to focus more on that in the next several weeks. But at the moment I'm tied up with some unrelated stuff and just haven't had the opportunity to focus on this with the attention it deserves. I hope to have a more complete update for you soon.

Craig Walls habuma merged commit 6e6bb56 into from
Craig Walls habuma closed this
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Showing 49 unique commits by 5 authors.

May 24, 2011
Stefan Fussenegger initial commit 523ffd0
Stefan Fussenegger added TODOs b5dd7b8
Stefan Fussenegger added spring-social-security 9c74a55
Stefan Fussenegger fixed javadoc warnings b94eb46
Stefan Fussenegger added GitHub and Gowalla services 0f2f72f
Stefan Fussenegger configurable connection cardinality (one-to-one, one-to-many, ...) per
provider.
76096ad
Stefan Fussenegger use SocialAuthenticationRegistry in SocialAuthenticationFitler to
avoid 2nd mapping, reuse ConnectionFactoryLocator instead
1b54365
Stefan Fussenegger redirect to configurable signupUrl (default "/signup") for yet unknown
connections for unauthenticated users
d5ba91e
Stefan Fussenegger - allow simpler configuration of postLoginUrl
- don't redirect if implicit auth succeeds
6b9056a
Stefan Fussenegger check connection expire time fb4681e
Stefan Fussenegger removed provider implementations, move them to respective provider
project instead
304af8c
Jun 14, 2011
Stefan Fussenegger ignore unknown providerIds allowing to handle them down the chain f09cf16
Stefan Fussenegger Merge branch 'master' into security ff0c991
Stefan Fussenegger fix for change of method name 2f90045
Jun 15, 2011
Stefan Fussenegger Merge branch 'master' into security f1b879f
Jun 22, 2011
Stefan Fussenegger configure default connectionAddedRedirectUrl for filter 2370e50
Stefan Fussenegger added failureHandler 4e48507
Stefan Fussenegger Merge branch 'master' into security d2e31b2
Stefan Fussenegger fixed build error after merging 4a6ee2d
Jun 27, 2011
Stefan Fussenegger changed addSignInAttempt(..) to replace existing, alwasy redirect to …
…signup url
81a9c98
Stefan Fussenegger Merge branch 'master' into security 4072bcc
Jun 28, 2011
Stefan Fussenegger optionaly update existing connections after auth success 1d9e3e2
Stefan Fussenegger Merge branch 'master' into security 65363aa
Stefan Fussenegger force UserDetails to remember userId 26a0d26
Stefan Fussenegger force UserDetails to remember userId 7e909f7
Jun 29, 2011
Stefan Fussenegger added possibility to remove SignInAttempt 1bf3bd5
Jul 01, 2011
Stefan Fussenegger configurable scope property 6d1d2dd
Jul 06, 2011
Stefan Fussenegger fixed possible NPE b48bbf1
Jul 22, 2011
Using COALESCE instead of IFNULL for Postgres 8.4 support. 53e10f8
Added default constructor for InsufficientPermissionsException for ti…
…mes when the required permission is unknown.
8e0736a
Added some tests around ConnectionKey's equals(), hashCode(), and toS…
…tring() methods as well as fixed symmetric bug in equals()
fbe87d5
Bruno Baia Polishing while porting to .NET c8c24eb
Updated H2 and Jackson dependency versions 4d08940
Return redirect URL from SignInAdapter and redirect to it in Provider…
…SignInController if it's not null. In this way it's possible for the SignInAdapter implementation to tell PSIC to redirect to the original target URL when the user was forced to sign in. SOCIAL-227
119b92a
Updated H2 version to 1.3.158 7dc8b56
polishing 0870acf
polish 7f81143
Update connection after provider sign in. SOCIAL-222 f5a36c2
ProviderSignInControllerTest a1bb632
Set Cache-Control: no-cache header in ConnectController for connectio…
…n status pages. SOCIAL-224
a5f1365
Set more cache-controlling headers to prevent caching of connection s…
…tatus pages. SOCIAL-224
2742a31
ConnectionKey implements Serializable. SOCIAL-225. 9a1a342
updated changelog.txt 9117603
Unified DuplicateTweetException and DuplicateStatusException into a c…
…ommon DuplicateStatusException
dd5b9f2
Stefan Fussenegger handle client errors while exchanging for access f4a45b6
Stefan Fussenegger throw exception if explicit auth fails ccfcc6f
Aug 08, 2011
Stefan Fussenegger fixed some bugs 2caf4ae
Sep 09, 2011
Stefan Fussenegger Merge branch 'master' into security
Conflicts:
	build.gradle
	docs/src/info/changelog.txt
	spring-social-web/src/main/java/org/springframework/social/connect/web/ConnectController.java
	spring-social-web/src/main/java/org/springframework/social/connect/web/ProviderSignInController.java
	spring-social-web/src/test/java/org/springframework/social/connect/web/ProviderSignInControllerTest.java
9533974
Stefan Fussenegger fixed after merging 6e6bb56
Something went wrong with that request. Please try again.