Hello, I followed your code and I have a problem of getting email address after authenticating successfully against Github. The problem is that Github only provides us the public email address which is normally null by default.

To take the private emails, we should call API /user/emails with access token taken from the earlier authentication. However, I don't know how to retrieve that access token.

Do you have any suggestion?

As suggested here, I have tried to send one more request to fetch email using the token and it worked, the only problem I think is: The code, which is checking particulary for github and fetching email of the github user, does not seem to be generalized/organized.
So if it doesn't seem okay to you, then I am leaving it for you to do.

I have edited two files:

OAuth2UserInfo.java

package io.agileintelligence.ppmtool.security.oauth2.user;

import java.util.HashMap;
import java.util.Map;

public abstract class OAuth2UserInfo {
    protected Map<String, Object> attributes;

    public OAuth2UserInfo(Map<String, Object> attributes) {
        this.attributes = attributes;
        // Uncomment the following to see all the attributes and values we are getting in response
        // for(Map.Entry<String, Object> x: attributes.entrySet()) System.out.println(x.getKey() + " = " + x.getValue());
    }

    public Map<String, Object> getAttributes() {
        return attributes;
    }

    public abstract String getId();

    public abstract String getName();

    public abstract String getEmail();

    public abstract String getImageUrl();

    // ADDED
    public void setEmail(String email) {
        attributes = new HashMap<String, Object>(attributes);
        attributes.put("email", email);
    }
}

In CustomOAuth2UserService.java,

1. I have modified the first if condition in method processOAuth2User() as following:

// BEFORE
if(StringUtils.isEmpty(oAuth2UserInfo.getEmail())) {
    throw new OAuth2AuthenticationProcessingException("Email not found from OAuth2 provider");
}

// AFTER
if (StringUtils.isEmpty(oAuth2UserInfo.getEmail())) {
    if (oAuth2UserRequest.getClientRegistration().getRegistrationId().equalsIgnoreCase("github")) {
        oAuth2UserInfo.setEmail(requestEmail(oAuth2UserRequest.getAccessToken().getTokenValue()));
    } else {
        throw new OAuth2AuthenticationProcessingException("Email not found from OAuth2 provider");
    }            
}

2. I have added the following method and the class:

private String requestEmail(String token) {
        String url = "https://api.github.com/user/emails";
        HttpHeaders headers = new HttpHeaders();
        headers.set("Authorization", "token " + token);
        HttpEntity request = new HttpEntity(headers);
        RestTemplate restTemplate = new RestTemplate();
        ResponseEntity<String> response = restTemplate.exchange(url, HttpMethod.GET, request, String.class, 1);

        if (response.getStatusCode() == HttpStatus.OK) {
            Gson g = new Gson();
            GithubEmailResponse[] emails = g.fromJson(response.getBody(), GithubEmailResponse[].class);
            
            String primaryEmail = "";
            for(GithubEmailResponse email: emails)
                if (email.isPrimary()) {
                    primaryEmail = email.getEmail();
                    break;
                }
            return primaryEmail;
        } else {
            throw new OAuth2AuthenticationProcessingException("Email not found from OAuth2 provider");
        }
    }

    private class GithubEmailResponse {
        private String email;
        private boolean primary;
        private boolean verified;
        private String visibility;

        public String getEmail() {
            return email;
        }

        public boolean isPrimary() {
            return primary;
        }
       
        public boolean isVerified() {
            return verified;
        }
        
        public String getVisibility() {
            return visibility;
        } 
    }

Don't forget to close the issues you have opened regarding this if the solution works for you.
@rassidm @nanolearningmodules @lethuydung0109

When I tried facabook login , it gives an error.
Message:

[invalid_user_info_response] An error occurred while attempting to retrieve the UserInfo Resource: Could not extract response: no suitable HttpMessageConverter found for response type [java.util.Map<java.lang.String, java.lang.Object>] and content type [text/javascript;charset=UTF-8]

how can we fix this issue?

Hello. I'm confused about these two properties in application.yaml:

tokenSecret: 926D96C90030DD58429D2751AC1BDBBC tokenExpirationMsec: 864000000

From where do you get the tokenSecret value? Is that a unique value for each app? I try facebook login, the server gives me a JWToken created based on some properties among whichL tokenSecret and tokenExpirationMsec but when I make a request with that token it gives me 401 (Unauthenticated).

Hi,

Thank you for the sample application. It works nice in local, but when I deploy it on server its not working here is the scenario,

1. UI developed using reactjs
2. API developed using Java sprint boot
3. On server am running UI with url - https://xyz.com and back-end running as https://xyzapi.com
4. At google developer portal redirect uri provided as - https://xyzapi.com/oauth2/callback/google
5. Accessing API in UI as https://xyzapi.com (base url)
6. When I click on google icon in ui its showing below error.

can you please help me to understand what is going wrong

Access blocked: Authorization Error
device_id and device_name are required for private IP: http://192.168.1.10:7171/oauth2/callback/google Learn more about this error
If you are a developer of React-Login, see error details.
Error 400: invalid_request

At application.yml file Unknown property redirectUriTemplate for type org.springboot.autoconfigure.security

Description:
I am currently working on cloning and updating this project to Spring Boot v3. However, I've encountered a runtime error during the login process, and I'm struggling to identify the exact source of the issue. It seems that the error arose after introducing token serialization and deserialization steps. Despite my efforts, I am unable to resolve this problem.

Details:

The error appears to be related to the token serialization and deserialization steps.
I have made adjustments to accommodate Spring Boot v3, and the login process was functioning correctly before these changes.
I have thoroughly reviewed the code, but pinpointing the root cause of the issue has proven challenging.
Request for Help:
I would greatly appreciate any assistance in troubleshooting and resolving this problem. If someone could review the relevant code or offer insights into potential causes, it would be immensely helpful.

here is my github link:
https://github.com/codeartitect/project-taskflowmanager

Facebook has detected User-Auth isn't using a secure connection to transfer information.
Until User-Auth updates its security settings, you won't be able to use Facebook to log into it.

Not getting redirected back to reactjs app after successful login by google,
React app stucks at,
http://localhost:8080/login/oauth2/code/google?state=
need to get back to,
http://localhost:3000/

Hello and thanks for this awesome configuration.

I'm not sure about sending token as url param to client devices. Is there any better solution? Of course I want to keep token for my next request but on the frontent side, getting token and redirect to other page process is not seems good. I have questions authenticating user on the backend side, is using client side authenticating better?

I'm not sure and need help. Thanks in advance.

I create app in facebook with oAuth2 provider and i got clientId and secretId successfully oAuth2 provider with my facebook app, After login and Grant access successfully with my app. URL redirect to like this (http://localhost:8080/login/oauth2/code/facebook?code=AQDzFN5OMI6S............) with whitelabel Error Page. backend Error with :- Responding with unauthorized error. Message - Full authentication is required to access this resource

Please write unit testing with junit5 security is sensitive issue you cannot leave testing section. I'm struggling to implement

When I hit the login URL, I am getting this error
Full authentication is required to access this resource and it is pointing to RestAuthenticationEntryPoint.java.

What could be possible reason for this error

Github logging not working
error msg :

Email not found from OAuth2 provider

The following candidates were found but could not be injected:
- Bean method 'clientRegistrationRepository' in 'OAuth2ClientRegistrationRepositoryConfiguration' not loaded because OAuth2 Clients Configured Condition registered clients is not available

Action:

Consider revisiting the entries above or defining a bean of type 'org.springframework.security.oauth2.client.registration.ClientRegistrationRepository' in your configuration.

[WARNING]
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.boot.maven.AbstractRunMojo$LaunchRunner.run(AbstractRunMojo.java:558)
at java.lang.Thread.run(Thread.java:745)
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'springSecurityFilterChain' defined in class path resource [org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No qualifying bean of type 'org.springframework.security.oauth2.client.registration.ClientRegistrationRepository' available
at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:625)
at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:455)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1288)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1127)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:538)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:498)
at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:320)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:318)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:199)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:307)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:199)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:846)
at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:863)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:546)
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:140)
at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:775)
at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:397)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:316)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1260)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1248)
at com.example.springsocial.SpringSocialApplication.main(SpringSocialApplication.java:13)
... 6 more
Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No qualifying bean of type 'org.springframework.security.oauth2.client.registration.ClientRegistrationRepository' available
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:185)
at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:620)
... 27 more

When I start this app, above error occur, why? This jar spring-security-oauth2-client-5.1.1.RELEASE.jar is there .

Question 1) Login via google works but when tying to login via github it throws error - email not found from oauth2 provider.
Question 2) I dont want to use the react-social app but instead want to use the existing spring-boot code for viewing the response too- could you please explain the code- flow. ( I am not well versed with react ).

Hi,

After a successful Oauth2 authorization, I want to issue a cookie to secure access to my controllers. In order to do this, I added the lines below determineTargetUrl on OAuth2AuthenticationSuccessHandler. This sets a cookie containing JWT token created by TokenProvider.

CookieUtils.addCookie(response, appProperties.getAuth().getAuthenticationCookieName(), token, (int) appProperties.getAuth().getTokenExpirationMsec());

And then I created a CookieAuthenticationFilter similar to TokenAuthenticationFilter which checks the cookie set by OAuth2AuthenticationSuccessHandler.

public class CookieAuthenticationFilter extends OncePerRequestFilter {

    @Autowired
    private AppProperties appProperties;

    @Autowired
    private TokenProvider tokenProvider;

    @Autowired
    private CustomUserDetailsService customUserDetailsService;


    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
        try {
            Optional<String> jwt = CookieUtils.getCookie(request, appProperties.getAuth().getAuthenticationCookieName()).map(Cookie::getValue);

            if (StringUtils.hasText(String.valueOf(jwt)) && tokenProvider.validateToken(String.valueOf(jwt))) {
                Long userId = tokenProvider.getUserIdFromToken(String.valueOf(jwt));

                UserDetails userDetails = customUserDetailsService.loadUserById(userId);
                UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
                authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));

                SecurityContextHolder.getContext().setAuthentication(authentication);
            }

        } catch (Exception ex) {
            logger.error("Could not set user authentication in security context", ex);
        }

        filterChain.doFilter(request, response);
    }
}

and on SecurityConfig I replaced tokenAuthenticationFilter bean to cookieAuthenticationFilter

http.addFilterBefore(cookieAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);

When I run the project, Oauth2 authentication is made successfully and cookie is set. However when I request a secured controller method, CookieAuthenticationFilter.doFilterInternal is not hit and request directly goes to RestAuthenticationEntryPoint.commence and exception is thrown with message Full authentication is required to access this resource .

Do I have to change any more configuration to change authentication to cookie from Bearer (JWT)?

How to do session management with oauth2.

How to handle logout in oauth2, how clear session?

Warning:(42, 39) java: removeAuthorizationRequest(javax.servlet.http.HttpServletRequest) in org.springframework.security.oauth2.client.web.AuthorizationRequestRepository has been deprecated

I'm copying that code into a new override that accepts a response object as well (not using it.. yet). But I'm curious about the versioning of things and if this should be addressed?

The default redirect path in the security config class is miss ing a star ( needed .../** Instead of /*).

This cause a not authorized error when login with google, before to redirect to the profile.

Also, i want to thank you very much becouse this project is all that i needed to start with mine! Super fantastic , Simply and well written

What will be the userInfoURL for Google?

While trying to save the User I'm getting this error, I've tried anything from changing my code to be completely like yours...

	at com.docconnect.docconnect.config.oauth2.service.CustomOAuth2UserService.loadUser(CustomOAuth2UserService.java:39) ~[classes/:na]
	at org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationProvider.authenticate(OAuth2LoginAuthenticationProvider.java:117) ~[spring-security-oauth2-client-6.1.2.jar:6.1.2]
	at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:182) ~[spring-security-core-6.1.2.jar:6.1.2]
	at org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter.attemptAuthentication(OAuth2LoginAuthenticationFilter.java:195) ~[spring-security-oauth2-client-6.1.2.jar:6.1.2]
	at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:231) ~[spring-security-web-6.1.2.jar:6.1.2]
	at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:221) ~[spring-security-web-6.1.2.jar:6.1.2]
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374) ~[spring-security-web-6.1.2.jar:6.1.2]```

Hi.

I am developing a small app

We are developing social login using the project.

The problem is to use sign in with apple in the IOS app.

Currently, add an apple provider as shown below to configure and receive the access token.

  security:
    oauth2:
      client:
        registration:
          google:
            clientId: {clientId}
            clientSecret: {clientSecret}
            redirectUri: "{baseUrl}/oauth2/callback/{registrationId}"
            scope:
              - email
              - profile
          facebook:
            clientId: {clientId}
            clientSecret: {clientSecret}
            redirectUri: "{baseUrl}/oauth2/callback/{registrationId}"
            scope:
              - email
              - public_profile
          apple:
            clientId: "com.example.appId"
            clientSecret: "eyJhbGciOiJFUzI1NiIsImtp..."
            redirectUri: "{baseUrl}/oauth2/callback/{registrationId}"
            clientAuthenticationMethod: post
            authorizationGrantType: authorization_code
        provider:
          facebook:
            authorizationUri: https://www.facebook.com/v3.0/dialog/oauth
            tokenUri: https://graph.facebook.com/v3.0/oauth/access_token
            userInfoUri: https://graph.facebook.com/v3.0/me?fields=id,first_name,middle_name,last_name,name,email,verified,is_verified,picture.width(250).height(250)
          apple:
            authorizationUri: https://appleid.apple.com/auth/authorize
            tokenUri: https://appleid.apple.com/auth/token
            userInfoUri: https://appleid.apple.com/auth/token <<< ???

However, it is not possible to get user information with the corresponding access token.

How can I get user information?

Ps Thank you for opening this project.

i tried to add authentification for linkdin, but LinkedIn OAuth2 access token api is returning only the access_token and expires_in values but not the token_type in the response. This results in the following error.

org.springframework.http.converter.HttpMessageNotReadableException: An error occurred reading the OAuth 2.0 Access Token Response: tokenType cannot be null; nested exception is java.lang.IllegalArgumentException: tokenType cannot be null

can you suggest a solution please !

User is logged in to another browser tab, but React Frontend giving this error Looks like you're signed up with local account. Please use your local account to login

How to solve it?

So it will redirect to Profile page & Show Logout

hi! very cool example, but I have a question - I have restful spring boot app and UI in mobile app. So, how I can redirect uri after successful authorization if UI after link in apk don't have url for redirect and get token from server?

I do not have enough Eng skills and i need your understanding beforehand

It Seems that the processOAuth2User() method has not yet stored authentication information in the securityContext.

because i use jpaAuditing. i get nullpointerexception. there is no authentication information.

I want to use jpaauditing, but can I store user information in the successHandler () ?

reference
auditing

hey thanks a lot man, such a nice and clean example, it worked really well.

i had an issue with facebook login throwing
invalid_user_info_response] An error occurred while attempting to retrieve the UserInfo Resource: Could not extract response: no suitable HttpMessageConverter found for response type [java.util.Map<java.lang.String, java.lang.Object>] and content type [text/javascript;charset=UTF-8]

here is the fix in case you or other people want to patch:

this is documented here:
spring-projects/spring-security#6017

so the fix is also described in that link, but to summarize:

1. enable use of snapshot builds so you can get the latest not yet released verison of spring security:
   add the following additional repository in pom:

2. now you can use a realese of spring security 5.1.2 snapshot that fixes this:

Add the following PROPERTY:

<spring-security.version>5.1.2.BUILD-SNAPSHOT</spring-security.version>

Here is the full reference of my pom that fixed that issue:

4.0.0

<groupId>com.example</groupId>
<artifactId>spring-social</artifactId>
<version>0.0.1-SNAPSHOT</version>
<packaging>jar</packaging>

<name>oauth2-demo</name>
<description>Demo project for Spring Boot</description>

<parent>
	<groupId>org.springframework.boot</groupId>
	<artifactId>spring-boot-starter-parent</artifactId>
	<version>2.1.0.RELEASE</version>
	<relativePath/>
	<!-- lookup parent from repository -->
</parent>

<properties>
	<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
	<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
	<java.version>1.8</java.version>
	<spring-security.version>5.1.2.BUILD-SNAPSHOT</spring-security.version>
</properties>

<dependencies>
	<dependency>
		<groupId>org.springframework.boot</groupId>
		<artifactId>spring-boot-starter-security</artifactId>
	</dependency>
	<dependency>
		<groupId>org.springframework.boot</groupId>
		<artifactId>spring-boot-starter-web</artifactId>
	</dependency>
	<dependency>
		<groupId>org.springframework.boot</groupId>
		<artifactId>spring-boot-starter-data-jpa</artifactId>
	</dependency>

	<dependency>
		<groupId>org.springframework.security</groupId>
		<artifactId>spring-security-oauth2-client</artifactId>
	</dependency>

	<dependency>
		<groupId>mysql</groupId>
		<artifactId>mysql-connector-java</artifactId>
		<scope>runtime</scope>
	</dependency>
	<dependency>
		<groupId>io.jsonwebtoken</groupId>
		<artifactId>jjwt</artifactId>
		<version>0.5.1</version>
	</dependency>
	<dependency>
		<groupId>org.springframework.boot</groupId>
		<artifactId>spring-boot-starter-test</artifactId>
		<scope>test</scope>
	</dependency>
	<dependency>
		<groupId>org.springframework.security</groupId>
		<artifactId>spring-security-test</artifactId>
		<scope>test</scope>
	</dependency>
</dependencies>

<build>
	<plugins>
		<plugin>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-maven-plugin</artifactId>
		</plugin>
	</plugins>
</build>

<repositories>
	<repository>
		<id>spring-milestones</id>
		<name>Spring Milestones</name>
		<url>https://repo.spring.io/milestone</url>
		<snapshots>
			<enabled>false</enabled>
		</snapshots>
	</repository>
	<repository>
		<id>spring-snapshot</id>
		<name>Spring Snapshot Repository</name>
		<url>https://repo.spring.io/snapshot</url>
	</repository>
</repositories>

How could I store refresh token in CustomOAuth2UserService?

I run this project as given in readme file and i am also getting successful login message but it is not redirecting to profile page. Instead, it is redirecting me to Home page again.

Please provide some hints. or fix for this issue.

Hi!

I have the fresh code base up and running with everything configured, but when I try to Log in or Sign up I get this error log:

org.springframework.http.converter.HttpMessageNotReadableException: An error occurred reading the OAuth 2.0 Error: JSON parse error: Cannot deserialize instance of java.lang.Stringout of START_OBJECT token; nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot deserialize instance ofjava.lang.Stringout of START_OBJECT token at [Source: (sun.net.www.protocol.http.HttpURLConnection$HttpInputStream); line: 1, column: 10] (through reference chain: java.util.LinkedHashMap["error"]); nested exception is org.springframework.http.converter.HttpMessageNotReadableException: JSON parse error: Cannot deserialize instance ofjava.lang.Stringout of START_OBJECT token; nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot deserialize instance ofjava.lang.String out of START_OBJECT token at [Source: (sun.net.www.protocol.http.HttpURLConnection$HttpInputStream); line: 1, column: 10] (through reference chain: java.util.LinkedHashMap["error"])

Maybe Facebook sending another format back and an update needed.
Hint: Google login/signup working fine...
Can you please fix this problem?

Thank you very much!

Hi,
I'm trying to integrate swagger with this implementation but its not working.
I have added following dependecies

io.springfox
springfox-swagger-ui
2.9.2


io.springfox
springfox-swagger2
2.9.2


io.swagger
swagger-jersey2-jaxrs
1.5.8

Along with it I have permitAll to following matcher
.antMatchers(AUTH_LIST).permitAll();
private static final String[] AUTH_LIST = { //
"/api/v2/api-docs*", //
"/v2/api-docs*", //
"/configuration/ui*", //
"/swagger-resources*", //
"/configuration/security*", //
"/swagger-ui.html*", //
"/webjars/**" //
};

But I'm getting exception
org.springframework.security.authentication.InsufficientAuthenticationException: Full authentication is required to access this resource

Hi!

when i use "mvn spring-boot:run"

[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.springframework.boot:spring-boot-maven-plugin:2.2.1.RELEASE:run (default-cli) on project spring-social: Application finished with exit code: 1 -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException

what can i do for this problem?

In the above link, an access token is generated and passed back to user-agent (browser) as query param. Is there a security risk for transferring access token in plain text URL?

My application is running on digitalocean, but when I call with {baseUrl} / oauth2 / callback / {registrationId}, baseUrl is getting local address 127.0.0.1 instead of getting host ex: https: // myapp. com/s8146login, I tried to use https://myapp.com.br/s8146login/oauth2/callback/{registrationId} but is giving authentication error

Hello, how can i send email verification link just to users who signup with name-email-password form? thank you