This is a simple Web application that demonstrates adding Spring Social to an existing application that uses Spring Security for authentication and authorization, and that manages its own user accounts (with usernames and passwords). The goal is to add as much Spring Social functionality as possible, including: - new users signing in using a provider (e.g. Twitter, Facebook, etc.) - users connecting their local accounts to provider accounts - users viewing their connected provider accounts - users with connected provider accounts signing in using a provider - users disconnecting their local accounts from provider accounts To use this application you must create Twitter and Facebook apps: https://dev.twitter.com/apps/new https://developers.facebook.com/apps In order to start up this application you will need to create a file in src/main/resources called "spring-security-social.properties". You must provide values for all of the following properties: - site.url - URL used in the OAuth process - social.crypto.password - password for encrypting/decrypting store OAuth secrets - twitter.app.consumerKey - the consumer key for your Twitter application - twitter.app.consumerSecret - the consumer secret for your Twitter application - facebook.app.clientId - the client id for your Facebook application - facebook.app.clientSecret - the client secret for your Facebook application This app uses an in-memory database, so once you've got the properties file configured, you should be able to build and run the app (e.g. using "mvn jetty:run"). Navigate to the root of the application in your browser and you should be redirected to the login page. From here you have a few options: - sign in using Twitter or Facebook - sign in using a username and password - sign up (create an account with a username and password) Once you've signed in you have the following options: - connect or disconnect a Twitter account - connect or disconnect a Facebook account - log out NOTE: Spring Social allows for many-to-many relationships between local accounts and provider accounts. This provides maximum flexibility but probably is not the most common use case. In this application users may only connect one account from a provider to one local account. Attempts to connect, for example, one Twitter account to two local accounts, will fail. Similarly attempts to connect two Twitter accounts to one local account will fail. This enforcement is handled in the ConnectionRepository.addConnection() implementation in SocialUserConnectionRepositoryImpl.
sdouglass/spring-security-social
A simple Web app to demo adding Spring Social features to an app that uses Spring Security.
Java