Use LINE Login with Spring Security
LINE Login is one of pillar developer product of LINE for help developer able to develop application connect to LINE users and help application easy access by 45 million of LINE users in Thailand. For mobile application have SDK ready for developer to use to integrate but website system such as Spring Framework must be use OAuth 2.0 and OpenID connect for example that LINE developer provided use semi SDK that seem like manual integrate to project that not use advantage of Spring Framework. In this article will introduce to uses Spring Security that one of pillar of Spring Framework to use OAuth 2.0 Let Go!!!.
LINE Login
This is tools that make user easy able to create their own account for mobile app or website with existing LINE account that can uses for Android, iOS and Website
For website, use OAuth 2.0 and OpenID Connect protocol fror authentication and authorization process with LINE Login.
Login Workflow
The process for website login for LINE Login uses OAuth 2.0 authorization code workflow and OpenID Connect protocol for send and receive data between user, website (server-side) and LINE Platform.
- Application send user to
https://access.line.me/oauth2/v2.1/authorizedirectly with required query parameter. - Open LINE Login page on web browser and user to do login with their credential for authentication then LINE Platform validate user credential then ask user for permission for application.
- LINE Platform redirects user back to application with
redirect_uriwith authentication code and state in query string. - Application need to request to
https://api.line.me/oauth2/v2.1/tokenwith authentication code to get access token of particular user. - LINE Platform will validate user information that requested and return back with access token
Use this LINE Platfom provided access token to request particular user information with Social API
YOU need to register for LINE developer and create LINE Login channel as this guideline.
Spring Project
To use Spring Initializr create Spring Boot project with Web, Security dependency for main dependency of Spring Security and Thymeleaf for Spring MVC to show user information.
By adding spring-security-oauth2-client dependency to use OAuth 2.0 client for communicate with LINE Platform, all main dependency show as below.
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-oauth2-client</artifactId>
<version>5.1.3.RELEASE</version>
</dependency>
....</dependency>
</dependencies>
Spring Security Config
We need to create Spring Security configuration for setting each configuration of Spring Security to use OAuth 2.0 to connect with LINE Platform.
Separate configuration to 2 portion:
LineLoginSecurityConfigis inner class (or separate class) for setting all of HttpSecurity to use OAuth2 Login.ClientRegistrationRepositoryis Bean to settingClientRegistrationfor define all values to OAuth 2.0 authentication code workflow.
The importance configuration of ClientRegistration for LINE Login are:
- clientId — use LINE Login
Channel ID - clientSecret — use LINE Login
Channel Secret - authorizationUri — use
https://access.line.me/oauth2/v2.1/authorizeto redirect User to LINE Login page. - tokenUri — use
https://api.line.me/oauth2/v2.1/tokenfor request access token from LINE Platform. - userInfoUri — use
https://api.line.me/v2/profilefor request User’s information with access token from Social API.
MVC Controller and Index page for show user information after user did logged in from User Login page with LINE Login.
Run Project
After complete all configuration, we need to run application to see it working well with maven command mvc spring-boot:run .
Try to open http://localhost:8080 then web redirect us to LINE Login page.
After we click on “Login” the verification process perform OAuth 2.0 with Spring Security and redirect back us to User information page.
Conclusion
After we tried to create project to use LINE Login with Spring Security replace LINE semi SDK that provided by LINE, we just add few configuration in part of ClientRegistration for setting some value related to LINE Login OAuth 2.0 workflow, we can get application that used LINE Login.
