Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Spring Social facebook + Spring Security

I want to integrate Spring Social facebook into my application with Spring Security (I use xml configurations). All I need is just connect facebook account with my app's account. In simple example I found this:

<bean id="connectionRepository" factory-method="createConnectionRepository" 
      factory-bean="usersConnectionRepository" scope="request">
    <constructor-arg value="#{request.userPrincipal.name}" />
    <aop:scoped-proxy proxy-target-class="false" />
</bean>

So, as I understood, this method comes into play:

public ConnectionRepository createConnectionRepository(String userId) {
        if (userId == null) {
            throw new IllegalArgumentException("userId cannot be null");
        }
        return new JdbcConnectionRepository(userId, jdbcTemplate, connectionFactoryLocator, textEncryptor, tablePrefix);
    }

It resives "userId" from #{request.userPrincipal.name}. So, my question: How can I pass "userId" to this method if I want to obtain this "userId" using SecurityContextHolder.getContext().getAuthentication().getPrincipal().

The only way I see is to create my implementation of JdbcUsersConnectionRepository and redefine createConnectionRepository(String userId) method. But maybe there is more elegant solution.

like image 586
chaldaean Avatar asked Apr 10 '13 07:04

chaldaean


People also ask

What is Spring Social?

The Spring Social project enables your applications to establish Connections with Software-as-a-Service (SaaS) Providers such as Facebook and Twitter to invoke APIs on behalf of Users.

Is OAuth2RestTemplate deprecated?

Deprecated. Strategy for extracting an Authorization header from an access token and the request details.

What is OAuth2AuthorizedClientRepository?

OAuth2AuthorizedClientRepository: is a container class that holds and persists authorized clients between requests. The default implementation, InMemoryOAuth2AuthorizedClientService , simply stores the clients in memory.


1 Answers

There is another way:

<bean id="connectionRepository" factory-method="createConnectionRepository" factory-bean="usersConnectionRepository"
    scope="request">
    <constructor-arg value="#{authenticationService.getAuthenticatedUsername()}" />
    <aop:scoped-proxy proxy-target-class="false" />
</bean>

@Service("authenticationService")
public class AuthenticationService {

    public String getAuthenticatedUsername() {
        return SecurityContextHolder.getContext().getAuthentication().getPrincipal();
    }

}

You can do it complitely in SPeL too (I do not like this kind of dependencies):

<bean id="connectionRepository" factory-method="createConnectionRepository" factory-bean="usersConnectionRepository"
    scope="request">
    <constructor-arg value="#{T(org.springframework.security.core.context.SecurityContextHolder).getContext().getAuthentication().getPrincipal()}" />
    <aop:scoped-proxy proxy-target-class="false" />
</bean>
like image 161
Maksym Demidas Avatar answered Sep 28 '22 00:09

Maksym Demidas