spring-boot-react-oauth2-social-login-demo
spring-boot-react-oauth2-social-login-demo copied to clipboard
Cannot get the private email from Github API
Hello, I followed your code and I have a problem of getting email address after authenticating successfully against Github. The problem is that Github only provides us the public email address which is normally null by default.
To take the private emails, we should call API /user/emails with access token taken from the earlier authentication. However, I don't know how to retrieve that access token.
Do you have any suggestion?
If I am not wrong, only id
attribute is mandatory. name
, email
and avatar_url
can be null.
In your github account have a look at personal settings and email part. There is some tunable as:
- Keep my email addresses private, which will generate some email, as [email protected]. In this case, it is possible that you will receive null as email (through I have not tested it).
IMHO you should only use the id
attribute to identify github authorized users. Optional fields are only nice things to pre-populate user profile in your application.
What a nice suggestion @luvarqpp ! Thank you for this :D I'll try this way.
By the way, do you know how to retrieve the Access Token sent to us?
Thank you in advance, Dung
@lethuydung0109 it is a bit longer topic... OAuth does claim that some user has been authenticated by sending some info to your OAuth2AuthenticationSuccessHandler
class, which does have TokenProvider
, see https://github.com/callicoder/spring-boot-react-oauth2-social-login-demo/blob/ada77d0f23ecd511a089ecbdcd6e89aa8d9a49b6/spring-social/src/main/java/com/example/springsocial/security/oauth2/OAuth2AuthenticationSuccessHandler.java#L25 Given class does generate Authorization (Bearer) token for your application and this token (fully in your hands => you can encode in token for example shopping list of currently logged user if you need) is than used for authentication.
I can recommend you to have a look at some "deep dive" videos, like this one: https://www.youtube.com/watch?v=8rnOsF3RVQc