Customizing login page for OAUTH2 login with Spring Webflux

link之家

链接快照平台

输入网页链接，自动生成快照
标签化管理网页链接

Collectives™ on Stack Overflow

Find centralized, trusted content and collaborate around the technologies you use most.

Learn more about Collectives

Teams

Q&A for work

Connect and share knowledge within a single location that is structured and easy to search.

Learn more about Teams

I am looking to customize my oauth2 login page. I am using Spring cloud Gateway so this is Spring Security Webflux. This should be fairly straightforward but I cannot figure out a way to do it with Webflux security. Stuff I have tried :

I have tried using loginPage() as suggested in How Can I Customize Login Page for Oauth2 in Spring Webflux? but as the O.P. posted there, this does not compile in the webflux world.

I have tried putting in a controller at /login and have it direct to my custom page but the controller is not hit. My SecurityConfig :

    @Bean
    public SecurityWebFilterChain configure(ServerHttpSecurity http) throws Exception {
        return http
                .csrf().disable().authorizeExchange()
                .pathMatchers(HttpMethod.GET,"/oauth2login",
                        "*/*.js", "/*.json", "/*.ico", "/login").permitAll()
                .pathMatchers("/api/","/api/**").authenticated()
                .and().oauth2ResourceServer(ServerHttpSecurity.OAuth2ResourceServerSpec::jwt)
                .authorizeExchange().anyExchange().authenticated()
               .and().securityContextRepository(new WebSessionServerSecurityContextRepository())
                   .oauth2Login()
                .and().build();
What am I doing wrong here?
It's a bit confusing because there are multiple different ways to customize the login page depending on what type of authentication you are configuring in servlet-based applications.
In reactive applications, it has been centralized in one place (exceptionHandling() in the DSL), so you can simply set the authentication entry point as in the following example:
.exceptionHandling(exceptions -> exceptions
        .authenticationEntryPoint(new RedirectServerAuthenticationEntryPoint("/login"))
This disables the default login page, and you just need to provide your own which should match the configured URL.
                Thank you! This worked. I would not have thought of having it centralized in exceptionHandling() on my own.
– Vibha Gopal
                Oct 13, 2021 at 5:56
                @VibhaGopal, Good evening! Could you please send me the whole code snippet? I'm also trying to make webflux and oauth2 friends
– Кирилл Желнов
                Feb 15 at 16:30
        Thanks for contributing an answer to Stack Overflow!
Please be sure to answer the question. Provide details and share your research!
But avoid …
Asking for help, clarification, or responding to other answers.
Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.