javaspring-bootspring-securityspring-security-oauth2spring-social

Spring OAuth login with linkedin

I want to implement login with linkedin to my project. I tried implementing github and it work but with linkedin my code doesn't compile.

I implemented my login system using https://developer.okta.com/blog/2019/05/15/spring-boot-login-options#spring-boot-oauth-20-login-using-github-and-single-sign-on this.

I created /securePage and when I wanted to go to this page it redirected me to github login and authorize app, after that it redirected to me localhost:8080/securedPage. But when I wanted to do this with linkedin it didn't work. It told me to add provider id for linkedin (Caused by: java.lang.IllegalStateException: Provider ID must be specified for client registration 'linkedin'). When I add it, then it told me this: Caused by: java.lang.IllegalStateException: Unknown provider ID 'linkedin'.

My properties.yml file:

spring:
    security:
        oauth2:
            client:
                registration:
                    linkedin:
                        provider: linkedin
                        client-id: MY_CLIENT_ID
                        client-secret: MY_CLIENT_SECRET
                        user-authorization-uri: https://www.linkedin.com/oauth/v2/authorization
                        access-token-uri: https://www.linkedin.com/oauth/v2/accessToken
#                    github:
#                        client-id: MY_CLIENT_ID
#                        client-secret: MY_CLIENT_SECRET

This is what it gives me when I add 'provider: linkedin' to application.yml

Caused by: java.lang.IllegalStateException: Unknown provider ID 'linkedin'
    at org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientPropertiesRegistrationAdapter.getBuilder(OAuth2ClientPropertiesRegistrationAdapter.java:95) ~[spring-boot-autoconfigure-2.1.6.RELEASE.jar:2.0.1.RELEASE]
    at org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientPropertiesRegistrationAdapter.getClientRegistration(OAuth2ClientPropertiesRegistrationAdapter.java:61) ~[spring-boot-autoconfigure-2.1.6.RELEASE.jar:2.0.1.RELEASE]
    at org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientPropertiesRegistrationAdapter.lambda$getClientRegistrations$0(OAuth2ClientPropertiesRegistrationAdapter.java:53) ~[spring-boot-autoconfigure-2.1.6.RELEASE.jar:2.0.1.RELEASE]
    at java.util.HashMap.forEach(HashMap.java:1289) ~[na:1.8.0_201]
    at org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientPropertiesRegistrationAdapter.getClientRegistrations(OAuth2ClientPropertiesRegistrationAdapter.java:52) ~[spring-boot-autoconfigure-2.1.6.RELEASE.jar:2.0.1.RELEASE]
    at org.springframework.boot.autoconfigure.security.oauth2.client.servlet.OAuth2ClientRegistrationRepositoryConfiguration.clientRegistrationRepository(OAuth2ClientRegistrationRepositoryConfiguration.java:55) ~[spring-boot-autoconfigure-2.1.6.RELEASE.jar:2.1.6.RELEASE]
    at org.springframework.boot.autoconfigure.security.oauth2.client.servlet.OAuth2ClientRegistrationRepositoryConfiguration$$EnhancerBySpringCGLIB$$cfaed288.CGLIB$clientRegistrationRepository$0(<generated>) ~[spring-boot-autoconfigure-2.1.6.RELEASE.jar:2.1.6.RELEASE]
    at org.springframework.boot.autoconfigure.security.oauth2.client.servlet.OAuth2ClientRegistrationRepositoryConfiguration$$EnhancerBySpringCGLIB$$cfaed288$$FastClassBySpringCGLIB$$673de55c.invoke(<generated>) ~[spring-boot-autoconfigure-2.1.6.RELEASE.jar:2.1.6.RELEASE]
    at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:244) ~[spring-core-5.1.8.RELEASE.jar:5.1.8.RELEASE]
    at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:363) ~[spring-context-5.1.8.RELEASE.jar:5.1.8.RELEASE]
    at org.springframework.boot.autoconfigure.security.oauth2.client.servlet.OAuth2ClientRegistrationRepositoryConfiguration$$EnhancerBySpringCGLIB$$cfaed288.clientRegistrationRepository(<generated>) ~[spring-boot-autoconfigure-2.1.6.RELEASE.jar:2.1.6.RELEASE]
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_201]
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_201]
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_201]
    at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_201]
    at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:154) ~[spring-beans-5.1.8.RELEASE.jar:5.1.8.RELEASE]
    ... 118 common frames omitted

And this is when I didn't add 'provider: linkedin'

Caused by: java.lang.IllegalStateException: Provider ID must be specified for client registration 'linkedin'
    at org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientPropertiesRegistrationAdapter.getBuilder(OAuth2ClientPropertiesRegistrationAdapter.java:95) ~[spring-boot-autoconfigure-2.1.6.RELEASE.jar:2.0.1.RELEASE]
    at org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientPropertiesRegistrationAdapter.getClientRegistration(OAuth2ClientPropertiesRegistrationAdapter.java:61) ~[spring-boot-autoconfigure-2.1.6.RELEASE.jar:2.0.1.RELEASE]
    at org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientPropertiesRegistrationAdapter.lambda$getClientRegistrations$0(OAuth2ClientPropertiesRegistrationAdapter.java:53) ~[spring-boot-autoconfigure-2.1.6.RELEASE.jar:2.0.1.RELEASE]
    at java.util.HashMap.forEach(HashMap.java:1289) ~[na:1.8.0_201]
    at org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientPropertiesRegistrationAdapter.getClientRegistrations(OAuth2ClientPropertiesRegistrationAdapter.java:52) ~[spring-boot-autoconfigure-2.1.6.RELEASE.jar:2.0.1.RELEASE]
    at org.springframework.boot.autoconfigure.security.oauth2.client.servlet.OAuth2ClientRegistrationRepositoryConfiguration.clientRegistrationRepository(OAuth2ClientRegistrationRepositoryConfiguration.java:55) ~[spring-boot-autoconfigure-2.1.6.RELEASE.jar:2.1.6.RELEASE]
    at org.springframework.boot.autoconfigure.security.oauth2.client.servlet.OAuth2ClientRegistrationRepositoryConfiguration$$EnhancerBySpringCGLIB$$6ad24949.CGLIB$clientRegistrationRepository$0(<generated>) ~[spring-boot-autoconfigure-2.1.6.RELEASE.jar:2.1.6.RELEASE]
    at org.springframework.boot.autoconfigure.security.oauth2.client.servlet.OAuth2ClientRegistrationRepositoryConfiguration$$EnhancerBySpringCGLIB$$6ad24949$$FastClassBySpringCGLIB$$1e63fd0a.invoke(<generated>) ~[spring-boot-autoconfigure-2.1.6.RELEASE.jar:2.1.6.RELEASE]
    at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:244) ~[spring-core-5.1.8.RELEASE.jar:5.1.8.RELEASE]
    at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:363) ~[spring-context-5.1.8.RELEASE.jar:5.1.8.RELEASE]
    at org.springframework.boot.autoconfigure.security.oauth2.client.servlet.OAuth2ClientRegistrationRepositoryConfiguration$$EnhancerBySpringCGLIB$$6ad24949.clientRegistrationRepository(<generated>) ~[spring-boot-autoconfigure-2.1.6.RELEASE.jar:2.1.6.RELEASE]
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_201]
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_201]
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_201]
    at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_201]
    at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:154) ~[spring-beans-5.1.8.RELEASE.jar:5.1.8.RELEASE]
    ... 148 common frames omitted

Can anyone help me with this please.

Solution

  • Assuming your are using the latest version of spring-security. It looks like a configuration issue.
    I think the file should look like :

    spring:  
  ...
  security:  
    oauth2:  
      client:  
        registration:  
          github:  
            client-id: << Client ID >>  
            client-secret: << Secret >>  
          linkedin:  
            client-id: << Client ID >>  
            client-secret: <<  Secret >> 
            ...

        provider:  
          linkedin:  
            << provider related configuration values >>

    See this issue on Spring's github : https://github.com/spring-projects/spring-security/issues/5983

    Then you can also check this sample (link in the issue thread) : https://github.com/jgrandja/oauth2login-demo/tree/linkedin

    Hope it helps !