oauth provider does not create gorm user?

[Phillip Rhodes]

Hello.

I am using version 1.5.1 of the plugin.  I can login using a local account (GORM) and use the rest token successfully in my client application.  

Trying to use google as oauth provider problem:

When I login via google, I get forwarded to my configured "frontendCallbackUrl", my frontend receives and sends (in subsequent rest call) the correct rest token. Rest token is in database. There is no user in the database that matches the profile.id, "111665385303429083134"

Here are logs for a rest call:

2015-06-27 10:06:14,775 [http-bio-8180-exec-9] DEBUG bearer.BearerTokenReader - Looking for bearer token in Authorization header, query string or Form-Encoded body parameter 2015-06-27 10:06:14,775 [http-bio-8180-exec-9] DEBUG bearer.BearerTokenReader - Found bearer token in Authorization header 2015-06-27 10:06:14,776 [http-bio-8180-exec-9] DEBUG rest.RestTokenValidationFilter - Token found: 6mmhjmqr1oprsqdtuso883gg01ikcd3g 2015-06-27 10:06:14,777 [http-bio-8180-exec-9] DEBUG rest.RestTokenValidationFilter - Trying to authenticate the token 2015-06-27 10:06:14,776 [http-bio-8180-exec-8] DEBUG rest.RestTokenValidationFilter - Token found: 6mmhjmqr1oprsqdtuso883gg01ikcd3g 2015-06-27 10:06:14,777 [http-bio-8180-exec-8] DEBUG rest.RestTokenValidationFilter - Trying to authenticate the token 2015-06-27 10:06:14,792 [http-bio-8180-exec-9] DEBUG rest.RestAuthenticationProvider - Trying to validate token 6mmhjmqr1oprsqdtuso883gg01ikcd3g 2015-06-27 10:06:14,792 [http-bio-8180-exec-8] DEBUG rest.RestAuthenticationProvider - Trying to validate token 6mmhjmqr1oprsqdtuso883gg01ikcd3g 2015-06-27 10:06:14,836 [http-bio-8180-exec-9] WARN userdetails.GormUserDetailsService - User not found: 111665385303429083134 2015-06-27 10:06:14,836 [http-bio-8180-exec-8] WARN userdetails.GormUserDetailsService - User not found: 111665385303429083134 2015-06-27 10:06:14,839 [http-bio-8180-exec-8] DEBUG rest.RestTokenValidationFilter - Authentication failed: User not found 2015-06-27 10:06:14,839 [http-bio-8180-exec-9] DEBUG rest.RestTokenValidationFilter - Authentication failed: User not found

It looks like it is failing because the userdetails.GormUserDetailsService needs to have a user, which hasn't been created. Should the plugin be creating a user?

Thanks for any help on this. I check the sample apps out put did not see any solution to this.

Phillip

[Alvaro Sanchez-Mariscal]

The plugin certainly doesn't do that, I feel too opinionated. Fortunately, there is a pluggable way for you to do it.

You can implement your own OauthUserDetailsService, and register it in resources.groovy as oauthUserDetailsService. In your implementation, if you find a UsernameNotFoundException from the call userDetailsService.loadUserByUsername(userProfile.id), you can create your GORM user. Have a look at DefaultOauthUserDetailsService to see what you need to do there.

You can also search by email instead of id. The problem with OAuth is that not all the providers give you the email (eg: Twitter), that's why the plugin refers to the ID. But if you do know that you have an email from Google, and that email matches any property from the GORM user, you can plugin your custom implementation as I specified above.

Cheers.

--
Spring Security REST
http://alvarosanchez.github.io/grails-spring-security-rest/
---
You received this message because you are subscribed to the Google Groups "Spring Security REST" group.
To unsubscribe from this group and stop receiving emails from it, send an email to spring-security-...@googlegroups.com.
To post to this group, send email to spring-sec...@googlegroups.com.
Visit this group at http://groups.google.com/group/spring-security-rest.
To view this discussion on the web, visit https://groups.google.com/d/msgid/spring-security-rest/39f399ca-7185-486e-9905-0720ef509ee6%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--

Alvaro Sanchez-Mariscal
alvaro.sanc...@gmail.com
twitter.com/alvaro_sanchez