<html><body><div style="color:#000; background-color:#fff; font-family:HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif;font-size:16px"><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">Hi Guys,<br></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br class="" style=""></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">Today I spent a few hours looking at Google OpenID integration that you guys have implemented. Over all you guys have done a great job.</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br class="" style=""></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">There are just a few things that I ran into that I wanted to let you guys know. Hopefully this will help someone.</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br class="" style=""></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">1. The OpenID-Connect-Java-Spring-Server ( openid-connect-parent ) project ( master ) builds fine and must be built on the local machine before starting with the simple-web-app project.</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br class="" style=""></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">2. As per https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/wiki/Sample-Static-Configuration-for-using-Google-Authentication, the simple-web-app project works with the development branch only (as of 03/09/2015). This requires several changes. </div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br class="" style=""></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><span class="" style="white-space:pre">        </span>a). The master project has moved to spring-security-3.2.5 while the simple-web-app is still on spring-security 3.1.4</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><span class="" style="white-space:pre">        </span>b). In step 4, you also need clientSecret. Else you get a "HTTP Status 401 - Authentication Failed: Unable to obtain Access Token: 400 Bad Request" error.</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><span class="" style="white-space:pre">        </span>c). In step 4, the https://my-redirect-uri-setup-in-google/ must be of the form http://localhost:8080/simple-web-app/openid_connect_login</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><span class="" style="white-space:pre">        </span>d). in servlet-context.xml, <b>DefaultJWTSigningAndValidationService</b> is spelled as <b>DefaultJwtSigningAndValidationService</b> which results in a classnotfoundexception on startup</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br class="" style=""></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">3. The final issue I ran into is that after authentication is complete I get a "request for "https://www.googleapis.com/plus/v1/people/me/openIdConnect" resulted in 403" error. The issue and the solution is described in detail here:</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">http://stackoverflow.com/questions/19335503/keep-getting-a-daily-limit-for-unauthenticated-use-exceeded-continued-use-requ</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br class="" style=""></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">This is not an issue with your implementation but does prevent people from running the example successfully :)</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br class="" style=""></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">Hope this helps.</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="" dir="ltr">Thanks</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">Prashant</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br class="" style=""></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br class="" style=""></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br class="" style=""></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">--- a/pom.xml</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">+++ b/pom.xml</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">@@ -11,8 +11,8 @@</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""> <org.springframework-version>3.2.3.RELEASE</org.springframework-version></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""> <org.aspectj-version>1.6.9</org.aspectj-version></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""> <org.slf4j-version>1.5.10</org.slf4j-version></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">- <spring.security.version>3.1.4.RELEASE</spring.security.version></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">- <mitreid-connect-version>1.1.12</mitreid-connect-version></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">+ <spring.security.version>3.2.5.RELEASE</spring.security.version></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">+ <mitreid-connect-version>1.2.0-SNAPSHOT</mitreid-connect-version></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""> </properties></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""> </div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br class="" style=""></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">diff --git a/src/main/webapp/WEB-INF/spring/appServlet/servlet-context.xml b/src/main/webapp/WEB-INF/spring/appServlet/servlet-context.xml</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">index 4b2713c..7fd239d 100644</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">--- a/src/main/webapp/WEB-INF/spring/appServlet/servlet-context.xml</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">+++ b/src/main/webapp/WEB-INF/spring/appServlet/servlet-context.xml</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">@@ -7,7 +7,7 @@</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""> xmlns:tx="http://www.springframework.org/schema/tx" xmlns:util="http://www.springframework.org/schema/util"</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""> xsi:schemaLocation="http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2.xsd</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""> http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">+ http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""> http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""> http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.0.xsd</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""> http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.1.xsd</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br class="" style=""></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""> </div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""> <!--</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">@@ -430,7 +487,7 @@</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""> This service sets up a bunch of signers and validators based on our own keys.</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""> Replace this keystore's contents for a production deployment.</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""> --></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">- <bean id="defaultSignerService" class="org.mitre.jwt.signer.service.impl.DefaultJwtSigningAndValidationService"></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">+ <bean id="defaultSignerService" class="org.mitre.jwt.signer.service.impl.DefaultJWTSigningAndValidationService"></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""> <constructor-arg name="keyStore"></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""> <bean id="defaultKeyStore" class="org.mitre.jose.keystore.JWKSetKeyStore"></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""> <property name="location" value="classpath:keystore.jwks" /></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">@@ -449,3 +506,4 @@</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""> </bean></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""> </div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""> </beans></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">+ </div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">\ No newline at end of file</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">diff --git a/src/main/webapp/WEB-INF/spring/root-context.xml b/src/main/webapp/WEB-INF/spring/root-context.xml</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">index d5fd2c5..e3c96f4 100644</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">--- a/src/main/webapp/WEB-INF/spring/root-context.xml</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">+++ b/src/main/webapp/WEB-INF/spring/root-context.xml</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">@@ -8,7 +8,7 @@</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""> xmlns:oauth="http://www.springframework.org/schema/security/oauth2"</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""> xsi:schemaLocation="http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""> http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">+ http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""> http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""> http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.2.xsd</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""> http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.2.xsd"></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br class="" style=""></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br class="" style=""></div></div></body></html>