Our application is strongly integrated with Twitter, so it seems logical that we would allow authentication through Twitter.
Before going further, make sure that you have enabled Twitter sign in on your app on Twitter (https://apps.twitter.com):
Spring social enables authentication through an OAuth provider such as Twitter through a signin/signup scenario. It will intercept a POST
request on /signin/twitter
. If the user is not known to the UsersConnectionRepository
interface, the signup
endpoint will be called. It will allow us to take the necessary measures to register the user on our system and maybe ask them for additional details.
Let's get to work. The first thing we need to do is to add the signin/**
and /signup
URLs as publicly available resources. Let's modify our WebSecurityConfiguration
class, changing the permitAll
line:
.antMatchers("/webjars/**", "/login", "/signin/**", "/signup").permitAll()
To enable the signin/signup scenario...