gate icon indicating copy to clipboard operation
gate copied to clipboard
verified publisher icon spinnaker

feat(OAuth2): Remove deprecated OAuth2 annotation. Instead Use Java DSL way of OAuth2

Open rahul-chekuri opened this issue 1 year ago • 2 comments

Oauth configuration properties are changed for new java way of dsl.

Old Config Properties:

security:
  authn:
    oauth2:
      enabled: true
      client:
        clientId: <client-id>
        clientSecret: <client-secret>
        accessTokenUri: https://www.googleapis.com/oauth2/v4/token
        userAuthorizationUri: https://accounts.google.com/o/oauth2/v2/auth
        scope: profile email
      userInfoRequirements:
        hd: <domain>
      resource:
        userInfoUri: https://www.googleapis.com/oauth2/v3/userinfo
      userInfoMapping:
        email: email
        firstName: given_name
        lastName: family_name
      provider: GOOGLE

New Config Properties:

Google:

spring:
  security:
    oauth2:
      client:
        registration:
          google:
            client-id: <client-id>
            client-secret: <client-secret>
            authorization-grant-type: authorization_code
            redirect-uri: "https://<your-domain>/login/oauth2/code/google"
            scope: profile,email,openid
            client-name: google
        provider:
          google:
            authorization-uri: https://accounts.google.com/o/oauth2/auth
            token-uri: https://oauth2.googleapis.com/token
            user-info-uri: https://www.googleapis.com/oauth2/v3/userinfo
            user-name-attribute: sub

Github:

spring:
  security:
    oauth2:
      client:
        registration:
          userInfoMapping:
            email: email
            firstName: ''
            lastName: name
            username: login
          github:
            client-id: <client-id>
            client-secret: <client-secret>
            authorization-grant-type: authorization_code
            redirect-uri: "https://<your-domain>/login/oauth2/code/github"
            scope: user,email
            client-name: github
        provider:
          github:
            authorization-uri: https://github.com/login/oauth/authorize
            token-uri: https://github.com/login/oauth/access_token
            user-info-uri: https://api.github.com/user
            user-name-attribute: login

rahul-chekuri avatar Mar 09 '25 09:03 rahul-chekuri

Looks like there are some config property changes here, so I'd say this is a feature, not a refactor. Please also describe old and new params in the commit message + PR description.

dbyron-sf avatar Mar 10 '25 15:03 dbyron-sf

Looks like there are some config property changes here, so I'd say this is a feature, not a refactor. Please also describe old and new params in the commit message + PR description.

@dbyron-sf updated the description and commit message with config properties. Please take a look :)

rahul-chekuri avatar Mar 12 '25 14:03 rahul-chekuri