SZUT/casino
SZUT/casino
Archived
3
1
Fork 0
Code Issues Pull requests 2 Releases 162 Packages 2 Wiki Activity Actions

feat: implement Google OAuth2 authentication flow
Some checks failed
CI / Get Changed Files (pull_request) Successful in 8s
Details
CI / eslint (pull_request) Successful in 33s
Details
CI / prettier (pull_request) Failing after 36s
Details
CI / oxlint (pull_request) Successful in 42s
Details
CI / Checkstyle Main (pull_request) Failing after 1m8s
Details
CI / Docker frontend validation (pull_request) Successful in 1m46s
Details
CI / test-build (pull_request) Successful in 1m46s
Details
CI / Docker backend validation (pull_request) Successful in 2m36s
Details

Browse source
This commit is contained in:
Constantin Simonis 2025-05-21 11:34:00 +02:00
commit 07b594fa36
No known key found for this signature in database
GPG key ID: 3878FF77C24AF4D2
11 changed files with 342 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

49
backend/src/main/java/de/szut/casino/security/GoogleController.java Normal file
View file

@ -0,0 +1,49 @@
package de.szut.casino.security;
import de.szut.casino.security.dto.AuthResponseDto;
import de.szut.casino.security.dto.GithubCallbackDto;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.servlet.view.RedirectView;
@RestController
@RequestMapping("/oauth2/google")
public class GoogleController {
private static final Logger logger = LoggerFactory.getLogger(GoogleController.class);
@Value("${spring.security.oauth2.client.registration.google.client-id}")
private String clientId;
@Value("${spring.security.oauth2.client.provider.google.authorization-uri}")
private String authorizationUri;
@Value("${spring.security.oauth2.client.registration.google.redirect-uri}")
private String redirectUri;
@Autowired
private GoogleService googleService;
@GetMapping("/authorize")
public RedirectView authorizeGoogle() {
logger.info("Redirecting to Google for authorization");
String authUrl = authorizationUri +
"?client_id=" + clientId +
"&redirect_uri=" + redirectUri +
"&response_type=code" +
"&scope=email profile";
return new RedirectView(authUrl);
}
@PostMapping("/callback")
public ResponseEntity<AuthResponseDto> googleCallback(@RequestBody GithubCallbackDto callbackDto) {
String code = callbackDto.getCode();
AuthResponseDto response = googleService.processGoogleCode(code);
return ResponseEntity.ok(response);
}
}

164
backend/src/main/java/de/szut/casino/security/GoogleService.java Normal file
View file

@ -0,0 +1,164 @@
package de.szut.casino.security;
import de.szut.casino.security.dto.AuthResponseDto;
import de.szut.casino.security.jwt.JwtUtils;
import de.szut.casino.user.AuthProvider;
import de.szut.casino.user.UserEntity;
import de.szut.casino.user.UserRepository;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.ResponseEntity;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap;
import org.springframework.web.client.RestTemplate;
import java.math.BigDecimal;
import java.util.*;
@Service
public class GoogleService {
private static final Logger logger = LoggerFactory.getLogger(GoogleService.class);
@Value("${spring.security.oauth2.client.registration.google.client-id}")
private String clientId;
@Value("${spring.security.oauth2.client.registration.google.client-secret}")
private String clientSecret;
@Value("${spring.security.oauth2.client.registration.google.redirect-uri}")
private String redirectUri;
@Value("${spring.security.oauth2.client.provider.google.token-uri}")
private String tokenUri;
@Value("${spring.security.oauth2.client.provider.google.user-info-uri}")
private String userInfoUri;
@Autowired
private AuthenticationManager authenticationManager;
@Autowired
private UserRepository userRepository;
@Autowired
private JwtUtils jwtUtils;
@Autowired
private PasswordEncoder oauth2PasswordEncoder;
public AuthResponseDto processGoogleCode(String code) {
try {
RestTemplate restTemplate = new RestTemplate();
HttpHeaders tokenHeaders = new HttpHeaders();
tokenHeaders.set("Content-Type", "application/x-www-form-urlencoded");
MultiValueMap<String, String> tokenRequestBody = new LinkedMultiValueMap<>();
tokenRequestBody.add("client_id", clientId);
tokenRequestBody.add("client_secret", clientSecret);
tokenRequestBody.add("code", code);
tokenRequestBody.add("redirect_uri", redirectUri);
tokenRequestBody.add("grant_type", "authorization_code");
HttpEntity<MultiValueMap<String, String>> tokenRequestEntity = new HttpEntity<>(tokenRequestBody, tokenHeaders);
ResponseEntity<Map> tokenResponse = restTemplate.exchange(
tokenUri,
HttpMethod.POST,
tokenRequestEntity,
Map.class
);
Map<String, Object> tokenResponseBody = tokenResponse.getBody();
if (tokenResponseBody == null || tokenResponseBody.containsKey("error")) {
String error = tokenResponseBody != null ? (String) tokenResponseBody.get("error") : "Unknown error";
throw new RuntimeException("Google OAuth error: " + error);
}
String accessToken = (String) tokenResponseBody.get("access_token");
if (accessToken == null || accessToken.isEmpty()) {
throw new RuntimeException("Failed to receive access token from Google");
}
HttpHeaders userInfoHeaders = new HttpHeaders();
userInfoHeaders.set("Authorization", "Bearer " + accessToken);
HttpEntity<String> userInfoRequestEntity = new HttpEntity<>(null, userInfoHeaders);
ResponseEntity<Map> userResponse = restTemplate.exchange(
userInfoUri,
HttpMethod.GET,
userInfoRequestEntity,
Map.class
);
Map<String, Object> userAttributes = userResponse.getBody();
if (userAttributes == null) {
throw new RuntimeException("Failed to fetch user data from Google");
}
String googleId = (String) userAttributes.get("sub");
String email = (String) userAttributes.get("email");
String name = (String) userAttributes.get("name");
Boolean emailVerified = (Boolean) userAttributes.getOrDefault("email_verified", false);
if (email == null) {
throw new RuntimeException("Google account does not have an email");
}
String username = name != null ? name.replaceAll("\\s+", "") : email.split("@")[0];
Optional<UserEntity> userOptional = userRepository.findByProviderId(googleId);
UserEntity user;
if (userOptional.isPresent()) {
user = userOptional.get();
} else {
userOptional = userRepository.findByEmail(email);
if (userOptional.isPresent()) {
user = userOptional.get();
user.setProvider(AuthProvider.GOOGLE);
user.setProviderId(googleId);
} else {
user = new UserEntity();
user.setEmail(email);
user.setUsername(username);
user.setProvider(AuthProvider.GOOGLE);
user.setProviderId(googleId);
user.setEmailVerified(emailVerified);
user.setBalance(new BigDecimal("100.00"));
}
}
String randomPassword = UUID.randomUUID().toString();
user.setPassword(oauth2PasswordEncoder.encode(randomPassword));
userRepository.save(user);
Authentication authentication = authenticationManager.authenticate(
new UsernamePasswordAuthenticationToken(user.getEmail(), randomPassword)
);
String token = jwtUtils.generateToken(authentication);
return new AuthResponseDto(token);
} catch (Exception e) {
logger.error("Failed to process Google authentication", e);
throw new RuntimeException("Failed to process Google authentication", e);
}
}
}

25
backend/src/main/java/de/szut/casino/security/oauth2/GoogleOAuth2UserInfo.java Normal file
View file

@ -0,0 +1,25 @@
package de.szut.casino.security.oauth2;
import java.util.Map;
public class GoogleOAuth2UserInfo extends OAuth2UserInfo {
public GoogleOAuth2UserInfo(Map<String, Object> attributes) {
super(attributes);
}
@Override
public String getId() {
return (String) attributes.get("sub");
}
@Override
public String getName() {
return (String) attributes.get("name");
}
@Override
public String getEmail() {
return (String) attributes.get("email");
}
}

2
backend/src/main/java/de/szut/casino/security/oauth2/OAuth2UserInfoFactory.java
View file

@ -10,6 +10,8 @@ public class OAuth2UserInfoFactory {
public static OAuth2UserInfo getOAuth2UserInfo(String registrationId, Map<String, Object> attributes) {
if (registrationId.equalsIgnoreCase(AuthProvider.GITHUB.toString())) {
return new GitHubOAuth2UserInfo(attributes);
} else if (registrationId.equalsIgnoreCase(AuthProvider.GOOGLE.toString())) {
return new GoogleOAuth2UserInfo(attributes);
} else {
throw new OAuth2AuthenticationProcessingException("Sorry! Login with " + registrationId + " is not supported yet.");
}

3
backend/src/main/java/de/szut/casino/user/AuthProvider.java
View file

@ -2,5 +2,6 @@ package de.szut.casino.user;
public enum AuthProvider {
LOCAL,
GITHUB
GITHUB,
GOOGLE
}

10
backend/src/main/resources/application.properties
View file

@ -41,3 +41,13 @@ spring.security.oauth2.client.provider.github.user-name-attribute=login
# OAuth Success and Failure URLs
app.oauth2.authorizedRedirectUris=${app.frontend-host}/auth/oauth2/callback
# Google OAuth2 Configuration
spring.security.oauth2.client.registration.google.client-id=${GOOGLE_CLIENT_ID:350791038883-c1r7v4o793itq8a0rh7dut7itm7uneam.apps.googleusercontent.com}
spring.security.oauth2.client.registration.google.client-secret=${GOOGLE_CLIENT_SECRET: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}
spring.security.oauth2.client.registration.google.redirect-uri=${app.frontend-host}/oauth2/callback/google
spring.security.oauth2.client.registration.google.scope=email,profile
spring.security.oauth2.client.provider.google.authorization-uri=https://accounts.google.com/o/oauth2/v2/auth
spring.security.oauth2.client.provider.google.token-uri=https://oauth2.googleapis.com/token
spring.security.oauth2.client.provider.google.user-info-uri=https://www.googleapis.com/oauth2/v3/userinfo
spring.security.oauth2.client.provider.google.user-name-attribute=sub

9
frontend/src/app/app.routes.ts
View file

@ -39,6 +39,15 @@ export const routes: Routes = [
import('./feature/auth/oauth2/oauth2-callback.component').then(
(m) => m.OAuth2CallbackComponent
),
data: { provider: 'github' }
},
{
path: 'oauth2/callback/google',
loadComponent: () =>
import('./feature/auth/oauth2/oauth2-callback.component').then(
(m) => m.OAuth2CallbackComponent
),
data: { provider: 'google' }
},
{
path: 'game/blackjack',

31
frontend/src/app/feature/auth/login/login.component.html
View file

@ -89,7 +89,7 @@
<div class="flex-grow h-px bg-deep-blue-light/30"></div>
</div>
<div class="mb-4">
<div class="space-y-3 mb-4">
<button
(click)="loginWithGithub()"
class="w-full py-2.5 px-4 rounded flex items-center justify-center bg-gray-800 hover:bg-gray-700 text-white transition-colors"
@ -106,6 +106,35 @@
</svg>
Mit GitHub anmelden
</button>
<button
(click)="loginWithGoogle()"
class="w-full py-2.5 px-4 rounded flex items-center justify-center bg-white hover:bg-gray-100 text-gray-800 transition-colors"
>
<svg
class="h-5 w-5 mr-2"
xmlns="http://www.w3.org/2000/svg"
viewBox="0 0 24 24"
>
<path
fill="#EA4335"
d="M5.266 9.765A7.077 7.077 0 0 1 12 4.909c1.69 0 3.218.6 4.418 1.582L19.91 3C17.782 1.145 15.055 0 12 0 7.27 0 3.198 2.698 1.24 6.65l4.026 3.115Z"
/>
<path
fill="#34A853"
d="M16.04 18.013c-1.09.703-2.474 1.078-4.04 1.078a7.077 7.077 0 0 1-6.723-4.823l-4.04 3.067A11.965 11.965 0 0 0 12 24c2.933 0 5.735-1.043 7.834-3l-3.793-2.987Z"
/>
<path
fill="#4A90E2"
d="M19.834 21c2.195-2.048 3.62-5.096 3.62-9 0-.71-.109-1.473-.272-2.182H12v4.637h6.436c-.317 1.559-1.17 2.766-2.395 3.558L19.834 21Z"
/>
<path
fill="#FBBC05"
d="M5.277 14.268A7.12 7.12 0 0 1 4.909 12c0-.782.125-1.533.357-2.235L1.24 6.65A11.934 11.934 0 0 0 0 12c0 1.92.445 3.73 1.237 5.335l4.04-3.067Z"
/>
</svg>
Mit Google anmelden
</button>
</div>
<div class="text-center">

5
frontend/src/app/feature/auth/login/login.component.ts
View file

@ -71,6 +71,11 @@ export class LoginComponent {
window.location.href = `${environment.apiUrl}/oauth2/github/authorize`;
}
loginWithGoogle(): void {
this.isLoading.set(true);
window.location.href = `${environment.apiUrl}/oauth2/google/authorize`;
}
switchToForgotPassword() {
this.forgotPassword.emit();
}

21
frontend/src/app/feature/auth/oauth2/oauth2-callback.component.ts
View file

@ -32,8 +32,28 @@ export class OAuth2CallbackComponent implements OnInit {
// Check for code in URL params
this.route.queryParams.subscribe((params) => {
const code = params['code'];
const provider = this.route.snapshot.data['provider'] || 'github';
if (code) {
if (provider === 'google') {
// Exchange Google code for a JWT token
this.authService.googleAuth(code).subscribe({
next: () => {
// Redirect to home after successful authentication
this.router.navigate(['/home']);
},
error: (err) => {
console.error('Google authentication error:', err);
this.error = err.error?.message || 'Authentication failed. Please try again.';
console.log('Error details:', err);
// Redirect back to landing page after showing error
setTimeout(() => {
this.router.navigate(['/']);
}, 3000);
},
});
} else {
// Exchange GitHub code for a JWT token
this.authService.githubAuth(code).subscribe({
next: () => {
@ -51,6 +71,7 @@ export class OAuth2CallbackComponent implements OnInit {
}, 3000);
},
});
}
} else {
this.error = 'Authentication failed. No authorization code received.';

9
frontend/src/app/service/auth.service.ts
View file

@ -79,6 +79,15 @@ export class AuthService {
);
}
googleAuth(code: string): Observable<AuthResponse> {
return this.http.post<AuthResponse>(`${this.oauthUrl}/google/callback`, { code }).pipe(
tap((response) => {
this.setToken(response.token);
this.loadCurrentUser();
})
);
}
logout(): void {
localStorage.removeItem(TOKEN_KEY);
localStorage.removeItem(USER_KEY);