I am trying to understand what ProviderSignInController does, but I am having a hard time understanding it.
So when I click login with Facebook I go to the Facebook login page, and then after entering my credentials the following method is called:
org.springframework.social.connect.web.ProviderSignInController.oauth1Callback(String, NativeWebRequest)
/**
 * Process the authentication callback from an OAuth 2 service provider.
 * Called after the user authorizes the authentication, generally done once by having he or she click "Allow" in their web browser at the provider's site.
 * Handles the provider sign-in callback by first determining if a local user account is associated with the connected provider account.
 * If so, signs the local user in by delegating to {@link SignInAdapter#signIn(String, Connection, NativeWebRequest)}.
 * If not, redirects the user to a signup page to create a new account with {@link ProviderSignInAttempt} context exposed in the HttpSession.
 * @see ProviderSignInAttempt
 * @see ProviderSignInUtils
 */
@RequestMapping(value="/{providerId}", method=RequestMethod.GET, params="code")
public RedirectView oauth2Callback(@PathVariable String providerId, @RequestParam("code") String code, NativeWebRequest request) {
    try {
        OAuth2ConnectionFactory<?> connectionFactory = (OAuth2ConnectionFactory<?>) connectionFactoryLocator.getConnectionFactory(providerId);
        Connection<?> connection = connectSupport.completeConnection(connectionFactory, request);
        return handleSignIn(connection, connectionFactory, request);
    } catch (Exception e) {
        logger.error("Exception while completing OAuth 2 connection: ", e);
        return redirect(URIBuilder.fromUri(signInUrl).queryParam("error", "provider").build().toString());
    }
}
What I do not understand is that it says: Handles the provider sign-in callback by first determining if a local user account is associated with the connected provider account.
And in the second line it says: If so, signs the local user in by delegating to {@link SignInAdapter#signIn(String, Connection, NativeWebRequest)}
which I understood.
But I am not able to understand this line, which says: If not, redirects the user to a signup page to create a new account with {@link ProviderSignInAttempt} context exposed in the HttpSession.
I am thinking now that the first time I try to log in with Facebook, there will be no user in the connection repository, so every time I will get redirected to the signup page. And Spring Social is meant so that you don't have to sign up and can use your Facebook credentials.
So I cannot understand what the logic behind all this is.
Your understanding is not entirely accurate. The typical way that ProviderSignInController works is the way you described it. It works by first getting user authorization with Facebook (or whatever provider it's dealing with), then using that authorization to fetch the user's ID. Then it compares the user's ID with a previously established connection (probably made with ConnectController) and authenticates the user associated with that connection. In this scenario, there must be an existing user and that user must have previously established a connection with Facebook.
If no matching connection is found, then it offers up the application's registration/signup screen for the user to register with your application. (This assumes that the user is not already registered.) After registration, the application has the option of completing the connection...that is, creating a new connection for the newly registered user. It does this by calling postSignUp() on ProviderSignInUtils. Spring Social Showcase does this in SignupController: https://github.com/spring-projects/spring-social-samples/blob/master/spring-social-showcase/src/main/java/org/springframework/social/showcase/signup/SignupController.java.
There is another way, though, that does not require an existing connection, nor does it require that your application even maintain a user database. This approach is known as "implicit signup", meaning that by authorizing with Facebook, the user is implicitly registered with your application. To use implicit signup, you must inject an instance of SignInAdapter into JdbcUsersConnectionRepository. To see this in action, look at SocialConfig.java for the Spring Social Quickstart example: https://github.com/spring-projects/spring-social-samples/blob/master/spring-social-quickstart/src/main/java/org/springframework/social/quickstart/config/SocialConfig.java.
Note that implicit signup, as it's currently implemented, is a function of JdbcUsersConnectionRepository and not the more generic UsersConnectionRepository. That's unfortunate, because it means that the feature can only be used if you're using JdbcUsersConnectionRepository or if whatever implementation of UsersConnectionRepository you're using supports it. This has bugged me for a while, so I've created https://jira.spring.io/browse/SOCIAL-439 to address this concern.
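
The implicit signup wiring described in the answer, as an added example that is not part of the original answer or of the Spring Social samples. It assumes Spring Social 1.x, where the setter on JdbcUsersConnectionRepository is setConnectionSignUp(ConnectionSignUp); the class names ProviderKeyConnectionSignUp and ImplicitSignupConfig are hypothetical.

```java
import javax.sql.DataSource;

import org.springframework.security.crypto.encrypt.TextEncryptor;
import org.springframework.social.connect.Connection;
import org.springframework.social.connect.ConnectionFactoryLocator;
import org.springframework.social.connect.ConnectionKey;
import org.springframework.social.connect.ConnectionSignUp;
import org.springframework.social.connect.UsersConnectionRepository;
import org.springframework.social.connect.jdbc.JdbcUsersConnectionRepository;

/** Hypothetical ConnectionSignUp: runs when no local user matches the provider account. */
class ProviderKeyConnectionSignUp implements ConnectionSignUp {

    @Override
    public String execute(Connection<?> connection) {
        ConnectionKey key = connection.getKey();
        String providerUserId = key.getProviderUserId();
        if (providerUserId == null || providerUserId.isEmpty()) {
            // Returning null means implicit signup was not possible, so
            // ProviderSignInController falls back to the signup page.
            return null;
        }
        // Derive the local id from the provider's stable account id, not from
        // profile fields such as email or display name, which the user can change
        // and which another provider might report for a different person.
        return key.getProviderId() + ":" + providerUserId;
    }
}

/** Hypothetical wiring helper; in an application this would be a @Bean method. */
class ImplicitSignupConfig {

    static UsersConnectionRepository usersConnectionRepository(
            DataSource dataSource,
            ConnectionFactoryLocator connectionFactoryLocator,
            TextEncryptor textEncryptor) {
        // The TextEncryptor protects the stored access tokens at rest.
        JdbcUsersConnectionRepository repository = new JdbcUsersConnectionRepository(
                dataSource, connectionFactoryLocator, textEncryptor);
        // With this set, findUserIdsWithConnection() stores the connection under the
        // returned id instead of reporting "no user", so sign-in proceeds directly.
        repository.setConnectionSignUp(new ProviderKeyConnectionSignUp());
        return repository;
    }
}
```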