I have seen the Spring security docs.https://docs.spring.io/spring-security/site/docs/5.2.1.RELEASE/reference/htmlsingle/#oauth2 But I don't really know the different use-case between oauth2Login() and oauth2Client(). Are there any samples ?
oauth2Login()
will authenticate the user with OAuth2 (or OIDC), populating Spring's Principal with the information from either the JWT or the userInfo endpoint. oauth2Client()
won't authenticate the user but will seek permission from the OAuth2 authorization server for the resources (scopes) it needs to access. With oauth2Client()
you'll still need to authenticate the user, for example via formLogin()
.
A more detailed explanation can be found here.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With