Auth0 Home Blog Docs

Auth0 + Spring Security + JWT: How to enrich Authentication/Principal after successful login?

jwt
spring-security
spring-security-api

#1

Hi,

I’ve got a question which seems popular, but I couldn’t find the answer. Well there’s a lot of information about it but I’m not sure what the best way is. So here’s the scenario.
I need to persist the user ID on the database on my API side after successful login (e.g. google-oauth2|5457edea1b8f22891a000004), and also I need to enrich the Authentication/Principal object in security context after successful login (for example by adding email).
I tried to add my own UserDetailsService implementation to the context by the following:

@Configuration
@EnableWebSecurity
@RequiredArgsConstructor
public class SecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
    private final JwtWebSecurityConfigurer jwtWebSecurityConfigurer;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.cors();
        jwtWebSecurityConfigurer
                .configure(http)
                .authorizeRequests()
                .antMatchers(HttpMethod.GET, "/**").authenticated();
    }

    @Override
    public void configure(AuthenticationManagerBuilder builder) throws Exception {
        builder.userDetailsService(new Auth0UserDetailsService());
    }
}

But it didn’t kick in.
Anybody knows what is the correct way to do it? Thanks.


#2

I am having this exact same issue, does anyone know a work around?


#3

See https://stackoverflow.com/a/52620593/2194119