To use GitHub’s OAuth 2.0 authorization system, you must Register a new OAuth application.

When registering the OAuth application, ensure the Authorization callback URL is set to http:https://localhost:8080/login/oauth2/code/client-id.

The Authorization callback URL (redirect URI) is the path in the application that the end-user’s user-agent is redirected back to after they have authenticated with GitHub and have granted access to the OAuth application on the Authorize application page.

Now that you have a new OAuth application with GitHub, you need to configure the sample to use the OAuth application for the authorization code grant flow. To do so:

1. Go to application.yml and set the following configuration:

   spring:
     security:
       oauth2:
         client:
           registration:	(1)
             client-id:       (2)
               client-id: replace-with-client-id
               client-secret: replace-with-client-secret
               provider: github
               scope: read:user,public_repo

   Example 1. OAuth Client properties

   1. spring.security.oauth2.client.registration is the base property prefix for OAuth Client properties.

   2. Following the base property prefix is the ID for the ClientRegistration, which is github.

2. Replace the values in the client-id and client-secret property with the OAuth 2.0 credentials you created earlier.

Launch the Spring Boot 2.0 sample and go to http:https://localhost:8080. You are then redirected to the default auto-generated form login page. Log in using 'user' (username) and 'password' (password) or click the link to authenticate with GitHub and then you’ll be redirected to GitHub for authentication.

After authenticating with your GitHub credentials, the next page presented to you is "Authorize application". This page will ask you to Authorize the application you created in the previous step. Click Authorize application to allow the OAuth application to access and display your public repository information.