I get the following error whilst trying to run the application. Any help is appreciated.
"Error starting Tomcat context. Exception: org.springframework.beans.factory.UnsatisfiedDependencyException. Message: Error creating bean with name 'webSecurityConfig': Unsatisfied dependency expressed through field 'userServiceImpl'; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'userServiceImpl': Unsatisfied dependency expressed through field 'bCryptEncoder'; nested exception is org.springframework.beans.factory.BeanCurrentlyInCreationException: Error creating bean with name 'webSecurityConfig': Requested bean is currently in creation: Is there an unresolvable circular reference?"
2 related files for the issue are as follows:
WebSecurityConfig
#Configuration
#EnableWebSecurity
#EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
#Autowired
private UserServiceImpl userServiceImpl;
private JwtTokenUtil jwtTokenUtil;
private AuthEntryPoint unauthorizedHandler;
public WebSecurityConfig(AuthEntryPoint unauthorizedHandler, JwtTokenUtil jwtTokenUtil) {
this.unauthorizedHandler = unauthorizedHandler;
this.jwtTokenUtil = jwtTokenUtil;
}
#Override
#Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
#Autowired
public void globalUserDetails(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userServiceImpl)
.passwordEncoder(encoder());
}
#Bean
public AuthenticationFilter authenticationTokenFilterBean() throws Exception {
return new AuthenticationFilter(userServiceImpl, jwtTokenUtil);
}
#Override
protected void configure(HttpSecurity http) throws Exception {
http
.cors()
.and()
.csrf()
.disable()
.authorizeRequests()
.antMatchers(
"/auth/*",
"/token/*",
"/webjars/**",
"/",
"/uploads/**",
"favicon.ico"
).permitAll()
.anyRequest().authenticated()
.and()
.exceptionHandling()
.authenticationEntryPoint(unauthorizedHandler)
.and()
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
http.addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class);
}
#Bean
public BCryptPasswordEncoder encoder() {
return new BCryptPasswordEncoder();
}
}
UserServiceImpl
#Service
public class UserServiceImpl implements UserService {
private final UserRepository userRepository;
#Autowired
private BCryptPasswordEncoder bCryptEncoder; // Fails when injected by the constructor.
public UserServiceImpl(UserRepository userRepository) {
this.userRepository = userRepository;
}
/**
* Create a new user.
* #param createUserDto
* #return
*/
#Override
public User save(CreateUserDto createUserDto) {
User newUser = new User();
newUser.setEmail(createUserDto.getEmail());
newUser.setFullName(createUserDto.getFullName());
newUser.setPassword(bCryptEncoder.encode(createUserDto.getPassword()));
newUser.setConfirmed(createUserDto.isConfirmed());
newUser.setEnabled(createUserDto.isEnabled());
newUser.setRole(createUserDto.getRole());
return userRepository.save(newUser);
}
#Override
public List<User> findAll() {
List<User> list = new ArrayList<>();
userRepository.findAll().iterator().forEachRemaining(list::add);
return list;
}
#Override
public void delete(String id) {
userRepository.deleteById(id);
}
#Override
public User findByEmail(String email) throws ResourceNotFoundException {
Optional<User> optionalUser = userRepository.findByEmail(email);
if (optionalUser.isEmpty()) {
throw new ResourceNotFoundException(USER_NOT_FOUND_MESSAGE);
}
return optionalUser.get();
}
#Override
public User findById(String id) throws ResourceNotFoundException {
Optional<User> optionalUser = userRepository.findById(id);
if (optionalUser.isEmpty()) {
throw new ResourceNotFoundException(USER_NOT_FOUND_MESSAGE);
}
return optionalUser.get();
}
#Override
public User update(String id, UpdateUserDto updateUserDto) throws ResourceNotFoundException {
User user = findById(id);
if (updateUserDto.getFullName() != null) {
user.setFullName(updateUserDto.getFullName());
}
if (updateUserDto.getEmail() != null) {
user.setEmail(updateUserDto.getEmail());
}
return userRepository.save(user);
}
#Override
public void update(User user) {
userRepository.save(user);
}
#Override
public User updatePassword(String id, UpdatePasswordDto updatePasswordDto) throws ResourceNotFoundException {
User user = findById(id);
if (bCryptEncoder.matches(updatePasswordDto.getCurrentPassword(), user.getPassword())) {
user.setPassword(bCryptEncoder.encode(updatePasswordDto.getNewPassword()));
return userRepository.save(user);
}
return null;
}
#Override
public void updatePassword(String id, String newPassword) throws ResourceNotFoundException {
User user = findById(id);
user.setPassword(bCryptEncoder.encode(newPassword));
userRepository.save(user);
}
public void confirm(String id) throws ResourceNotFoundException {
User user = findById(id);
user.setConfirmed(true);
userRepository.save(user);
}
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
Optional<User> userOptional = userRepository.findByEmail(username);
if(userOptional.isEmpty()){
throw new UsernameNotFoundException("Invalid username or password.");
}
User user = userOptional.get();
return new org.springframework.security.core.userdetails.User(
user.getEmail(), user.getPassword(), user.isEnabled(), true, true, user.isConfirmed(), getAuthority(user)
);
}
private Set<SimpleGrantedAuthority> getAuthority(User user) {
Set<SimpleGrantedAuthority> authorities = new HashSet<>();
authorities.add(new SimpleGrantedAuthority(user.getRole().getName()));
user.allPermissions().forEach(permission -> authorities.add(new SimpleGrantedAuthority(permission.getName())));
return authorities;
}
}
You can place the bean factory method for the encoder in a separate configuration class or you can leave it where it is and make the bean factory method static:
#Bean
public static BCryptPasswordEncoder encoder() {
return new BCryptPasswordEncoder();
}
This make it clear to Spring that the encoder does not depend on anything injected into the class instance.
You can try like this:
#Service
public class UserServiceImpl implements UserService {
private final UserRepository userRepository;
private final BCryptPasswordEncoder bCryptEncoder;
public UserServiceImpl(UserRepository userRepository, BCryptPasswordEncoder bCryptEncoder) {
this.userRepository = userRepository;
this.bCryptEncoder = bCryptEncoder;
}
[...]
I believe a class annotated with #Configuration will be subjected to executed initially in a Spring application. As we can see you have created a lot of beans that has to be autowired in multiple other classes which will be created eventually probably the classes annotated with service, controller and all.
Now in the WebSecurityConfig there is an autowiring for UserServiceImpl
for which the bean hasn't created yet it will be created after the configuration class is done. And the UserServiceImpl also requires BCryptPasswordEncoder So this appears like a dead lock each of them is dependent on one another. This is what I could decipher.
Also autowiring should be done with Interface as type.
#Autowired
private UserService userServiceImpl;
I think moving the password encoder bean creation to another config class might help to solve this situation.
I resolved this issue by creating a new configuration class as follows;
#Configuration
public class PasswordSecurityConfig {
#Bean
public BCryptPasswordEncoder bCryptPasswordEncoder() {
return new BCryptPasswordEncoder();
}
}
I used this class in the WebSecurityConfig as follows;
#Autowired
public void globalUserDetails(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userServiceImpl)
.passwordEncoder(new PasswordSecurityConfig().bCryptPasswordEncoder());
}
I can now run the app without any issues.
Related
I am working on authentication service part of cloud app and I created the following security config class.
#Configuration
#EnableWebSecurity
public class JwtSecurityConfig extends WebSecurityConfigurerAdapter {
private final PasswordEncoder encoder;
private final UserService userService;
private final JwtConstant jwtConstant;
#Autowired
public JwtSecurityConfig(PasswordEncoder encoder, UserService userService, JwtConstant jwtConstant) {
this.encoder= encoder;
this.userService = userService;
this.jwtConstant = jwtConstant;
}
#Bean
public DaoAuthenticationProvider getAuthenticationProvider() {
DaoAuthenticationProvider authenticationProvider = new DaoAuthenticationProvider();
authenticationProvider.setPasswordEncoder(encoder);
authenticationProvider.setUserDetailsService(userService);
return authenticationProvider;
}
#Override
protected void configure(AuthenticationManagerBuilder auth) {
auth.authenticationProvider(getAuthenticationProvider());
}
#Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.addFilter(getAuthenticationFilter())
.authorizeRequests()
.antMatchers(HttpMethod.PUT, "/signup").permitAll()
.anyRequest()
.authenticated();
}
private AuthenticationFilter getAuthenticationFilter() throws Exception {
return new AuthenticationFilter(authenticationManager(), jwtConstant);
}
}
I am not sure about the chain methods of configure(HttpSecurity http) method. The authentication service will only receive "login" and "signup" requests.
Should I remove authorizeRequests() method as I do not authorize anything?
I am not sure about anyRequest().authenticated() part either if I really need it?
there are a couple of things that have to be changed, but first of all, you have to define a method that will provide jwt for each request and every request should provide an AuthRequest object that contains username and password :
#RestController
public class WelcomeController {
#Autowired
private JwtUtil jwtUtil;
#Autowired
private AuthenticationManager authenticationManager;
#PostMapping("/signup")
public String generateToken(#RequestBody AuthRequest authRequest) throws Exception {
try {
authenticationManager.authenticate(
new UsernamePasswordAuthenticationToken(authRequest.getUserName(), authRequest.getPassword())
);
} catch (Exception ex) {
throw new Exception("inavalid username/password");
}
return jwtUtil.generateToken(authRequest.getUserName());
}
}
and in the UserDetailsService you can make authentication as below :
#Service
public class UserDetailsService implements org.springframework.security.core.userdetails.UserDetailsService {
#Autowired
private final UserRepository userRepository;
#Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
System.out.println("tried to loging : " + username);
if(!Objects.isNull(username) && !"".equals(username)){
Optional<User> user = userRepository.findUserByUserName(username);
System.out.println(user.get());
if(user.isPresent()){
User userParam = user.get();
return new org.springframework.security.core.userdetails.User(userParam.getUserName(),
userParam.getPassword(), new ArrayList<>());
}
}
throw new UsernameNotFoundException("user does not exists or empty !!");
}
}
and for the configuration side :
#Configuration
#EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
#Autowired
private final UserDetailsService userDetailsService;
#Autowired
private final JwtFilter jwtFilter;
#Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
}
#Bean
public PasswordEncoder passwordEncoder(){
return new BCryptPasswordEncoder(10);
}
#Bean(name = BeanIds.AUTHENTICATION_MANAGER)
#Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
#Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable()
.authorizeRequests().antMatchers("/signup").permitAll()
.anyRequest().authenticated()
.and().exceptionHandling().and()
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
http.addFilterBefore(jwtFilter, UsernamePasswordAuthenticationFilter.class);;
}
}
for further information, you can follow my Github branch Authnticaition sample
I using ConnectionSignUp and SignInAdapter to do login function for website. I also use spring security.But I do not know how to finish loading the current page after logging in.
After login, the website will reload the form page : localhost:9090/#=
ConnectionSignUp.java
public class FacebookSignInAdapter implements SignInAdapter {
#Autowired
UsersRepository usersService;
#Override
public String signIn(String localUserId, Connection<?> connection, NativeWebRequest request) {
SecurityContextHolder.getContext()
.setAuthentication(new UsernamePasswordAuthenticationToken(connection.getKey(),
null, Arrays.asList(new SimpleGrantedAuthority("ROLE_FACEBOOK"))));
return null;
}}
FacebookConnectionSignup.java
public class FacebookConnectionSignup implements ConnectionSignUp {
#Autowired
UsersService usersService;
#Autowired
RolesService rolesService;
#Override
public String execute(Connection<?> connection) {
Users user = null;
try {
user = usersService.findByUserName(connection.getKey().toString());
if(user == null ) {
user = new Users();
user.setUserName(connection.getKey().toString());
user.setPassword(randomAlphabetic(8));
user.setEmail(connection.getKey()+"#gmail.com");
user.setFirstName(connection.getDisplayName());
user.setAvatar(connection.getImageUrl());
user.setStatus("active");
user.setCreatedDate(new Date());
user.setLoggedInDate(new Date());
user.setIsOnline((byte) 1);
HashSet<Roles> roleses = new HashSet<>();
roleses.add(rolesService.findByName("ROLE_FACEBOOK"));
user.setRoleses(roleses);
usersService.saveorupdate(user);
}
} catch (Exception e) {
System.out.println(e.getMessage());
}
return user.getUserName();
}}
WebSecurityConfig.java
#Configuration
#EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
#Autowired
private AjaxAuthenticationFailureHandler ajaxAuthenticationFailureHandler;
#Autowired
private AjaxAuthenticationSuccessHandler ajaxAuthenticationSuccessHandler;
#Autowired
private ConnectionFactoryLocator connectionFactoryLocator;
#Autowired
private UsersConnectionRepository usersConnectionRepository;
#Autowired
private FacebookConnectionSignup facebookConnectionSignup;
#Autowired
private UserDetailsService userDetailsService;
#Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
#Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
}
#Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/home", "/").permitAll()
.antMatchers("/admin/**").hasRole("ADMIN")
.and().formLogin().loginPage("/403").loginProcessingUrl("/login").usernameParameter("userName").passwordParameter("password")
.failureHandler(ajaxAuthenticationFailureHandler).successHandler(ajaxAuthenticationSuccessHandler)
.and().logout().logoutSuccessUrl("/")
.and().rememberMe().and()
.exceptionHandling().accessDeniedPage("/403");
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED);
}
#Bean
public ProviderSignInController providerSignInController() {
((InMemoryUsersConnectionRepository) usersConnectionRepository).setConnectionSignUp(facebookConnectionSignup);
return new ProviderSignInController(connectionFactoryLocator, usersConnectionRepository,
new FacebookSignInAdapter());
}}
Now I want to finish loading the current page after logging in.
Hope everyone will help.
Thank you very much.
The problem is, BCryptPasswordEncoder is not encrypt the password on login process therefore login fails, let's say password is 123 and stored in db as hashed, when the post the password 123 returns invalid_grants, but when the hashed password is sent from client, returns the access token. It is also ok when the password when password encoder is commented.
App.java
#SpringBootApplication
public class App {
#Bean
BCryptPasswordEncoder getPasswordEncoder() {
return new BCryptPasswordEncoder();
}
public static void main(String[] args) throws Exception {
SpringApplication.run(App.class, args);
}
#Autowired
public void authenticationManager(AuthenticationManagerBuilder authenticationManagerBuilder, final UserRepository userRepository, UserService userService) throws Exception {
if(userRepository.count() == 0) {
User user = new User();
Role role = new Role();
role.setName("SA");
user.setEmail("test");
user.setPassword("123");
user.setRoles(Arrays.asList(role));
user.setBlocked(false);
user.setEnable(true);
userService.save(user);
}
authenticationManagerBuilder.userDetailsService(email -> {
return userService.loadUserByUsername(email);
});
}
}
WebSecurityConfiguration.java
#Configuration
#EnableWebSecurity
#EnableGlobalMethodSecurity(prePostEnabled=true)
public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
static final String SIGNING_KEY = "kKSMJ92Mknk38njs9HJ8KNALiuc938FH";
static final int ENCODING_STRENGTH = 256;
static final String SECURITY_REALM = "Task Manager";
#Autowired
private BCryptPasswordEncoder passwordEncoder;
#Autowired
private UserDetailsService userDetailsService;
#Autowired
private DataSource dataSource;
#Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth
.userDetailsService(userDetailsService)
.passwordEncoder(passwordEncoder)
.and()
.authenticationProvider(authenticationProvider())
.jdbcAuthentication()
.dataSource(dataSource);
}
#Override
protected void configure(HttpSecurity http) throws Exception {
http.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeRequests()
.antMatchers("/sign-up", "/sign-in", "/").permitAll()
.antMatchers("/api/**").authenticated()
.and()
.httpBasic()
.realmName(SECURITY_REALM)
.and()
.csrf()
.disable();
}
#Bean
public UserDetailsService userDetailsService() {
return super.userDetailsService();
}
#Bean
public DaoAuthenticationProvider authenticationProvider() {
DaoAuthenticationProvider authenticationProvider = new DaoAuthenticationProvider();
authenticationProvider.setUserDetailsService(userDetailsService);
authenticationProvider.setPasswordEncoder(passwordEncoder);
return authenticationProvider;
}
UserService.java
#Service
public class UserService implements UserDetailsService {
#Autowired
private UserRepository userRepository;
#Autowired
private BCryptPasswordEncoder passwordEncoder;
public void save(User user) {
user.setPassword(passwordEncoder.encode(user.getPassword()));;
userRepository.save(user);
}
#Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
User user = this.userRepository.findUserByEmail(username);
if (user == null) {
throw new UsernameNotFoundException(username);
}
return new CustomUserDetails(user);
}
}
The problem might be here. Remove the lines that are commented out.
#Autowired
public void authenticationManager(AuthenticationManagerBuilder authenticationManagerBuilder, final UserRepository userRepository, UserService userService) throws Exception {
if(userRepository.count() == 0) {
User user = new User();
Role role = new Role();
role.setName("SA");
user.setEmail("test");
user.setPassword("123");
user.setRoles(Arrays.asList(role));
user.setBlocked(false);
user.setEnable(true);
userService.save(user);
}
// authenticationManagerBuilder.userDetailsService(email -> {
// return userService.loadUserByUsername(email);
// });
}
You are overriding all the multiple configurations that you have done in your configuration classes, and as a result the password encoder is never applied to your AuthenticationManagerBuilder.
I want to use both in memory auth and userDetailsService auth. Beacause I have to create one admin account when application start and then I will create another one with form. But the first one had to in memory due to security reason.
SecurityConfig.java
#Configuration
#EnableWebSecurity
#EnableGlobalMethodSecurity(prePostEnabled = true)
#Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
#Autowired
private UserDetailsService userDetailsService;
#Override
protected void configure(HttpSecurity http) throws Exception {
/* #formatter:off */
http.authorizeRequests()
// some configs
}
#Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth
.userDetailsService(this.userDetailsService)
.passwordEncoder(passwordEncoder())
.and()
.inMemoryAuthentication()
.passwordEncoder(passwordEncoder())
.withUser("user").password("1").roles("ADMIN");
}
#Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}
UserDetailsServiceImpl
#Service
#Transactional
public class UserDetailsServiceImpl implements UserDetailsService {
#Autowired
private VendorService vendorService;
#Autowired
private AdminService adminService;
#Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
UserDetails userAdmin = adminService.getAdminByUsername(username);
if (userAdmin != null) {
System.out.println(userAdmin.getUsername());
return userAdmin;
} else {
UserDetails userVendor = vendorService.getVendorByUsername(username);
if (userVendor == null) {
throw new UsernameNotFoundException("No such user");
}else{
System.out.println(userVendor.getUsername());
return userVendor;
}
}
}
}
I can login with in DB users but can't login with user and 1 password.
I tried to integrate spring security and spring social. The problem is when I try to create account for him in my system. I would like to avoid creating user with id "anonymousUser".
For expected behaviour when I analyzed code from spring-social-security I expected to call method JdbcUsersConnectionRepository.findUserIdsWithConnection(Connection connection) for creating user and entry in the system. But when I run my code I find out this is not true. Before this action is calling implementation of SocialConfigurer.getUserId(). Great... If we have anonymous user it will be cached... But anyway getUserId is called before anything so authorization doesn't work. So I wrote my own implementation to this thing:
#Configuration
#EnableSocial
public class SocialConfig implements SocialConfigurer {
#Autowired
private DataSource dataSource;
#Autowired
private CustomerService customerService;
#Autowired
private CustomerProviderRepository customerProviderRepository;
#Autowired
private PasswordEncoder passwordEncoder;
#Override
public void addConnectionFactories(ConnectionFactoryConfigurer connectionFactoryConfigurer, Environment environment) {
}
#Override
public UserIdSource getUserIdSource() {
return () -> {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication == null || authentication.getName().equals("anonymousUser")) {
throw new IllegalStateException("Unable to get a ConnectionRepository: no user signed in");
}
return authentication.getName();
};
}
#Override
public UsersConnectionRepository getUsersConnectionRepository(ConnectionFactoryLocator connectionFactoryLocator) {
JdbcUsersConnectionRepository repository = new JdbcUsersConnectionRepository(dataSource, connectionFactoryLocator, Encryptors.noOpText());
repository.setConnectionSignUp(new SocialConnectionSignUpService(customerService, customerProviderRepository, passwordEncoder));
return repository;
}
}
Implementation of SocialCOnnectionSignUpService
public class SocialConnectionSignUpService implements ConnectionSignUp {
private final CustomerService customerService;
private final CustomerProviderRepository customerProviderRepository;
private final PasswordEncoder passwordEncoder;
public SocialConnectionSignUpService(CustomerService customerService, CustomerProviderRepository customerProviderRepository, PasswordEncoder passwordEncoder) {
this.customerService = customerService;
this.passwordEncoder = passwordEncoder;
this.customerProviderRepository = customerProviderRepository;
}
#Override
public String execute(Connection<?> connection) {
ConnectionKey connectionKey = connection.getKey();
UserProfile profile = connection.fetchUserProfile();
Customer customer = customerService.findBy(profile.getEmail());
if(customer == null) {
customer = new Customer();
customer.setEmail(profile.getEmail());
customerService.add(customer);
}
SocialKey key = new SocialKey();
key.setUserId(customer.getId().toString());
key.setProviderUserId(connectionKey.getProviderUserId());
key.setProviderId(connectionKey.getProviderId());
CustomerProvider customerProvider = new CustomerProvider();
customerProvider.setKey(key);
customerProvider.setDisplayName(profile.getName());
customerProviderRepository.save(customerProvider);
return customerProvider.id();
}
}
And configuration of spring security:
#Configuration
#EnableWebSecurity
public class SecurityContext extends WebSecurityConfigurerAdapter {
#Autowired
private DataSource dataSource;
#Autowired
private CustomerRepository customerRepository;
#Override
protected void configure(HttpSecurity http) throws Exception {
http
.formLogin()
.loginPage("/login")
.loginProcessingUrl("/login/authenticate")
.permitAll()
.and()
.rememberMe()
.and()
.authorizeRequests()
.antMatchers("/signup/social").authenticated()
.antMatchers("/**").permitAll()
.and()
.apply(new SpringSocialConfigurer().postLoginUrl("/signup/social").alwaysUsePostLoginUrl(true))
.and()
.csrf().disable();
}
#Bean
public SocialUserDetailsService socialUserDetailsService() {
return new SocialUserDetailsServiceImpl(customerRepository);
}
}
Do you have any workaround or solution how to pass the problem?