Introduction
JustAuth removes the repetitive work of implementing OAuth login flows for multiple social providers. It normalizes the authorization code exchange and user profile retrieval across 30+ platforms behind a single, consistent Java interface.
What JustAuth Does
- Implements OAuth 2.0 / OAuth 1.0a flows for 30+ identity providers
- Returns a unified AuthUser object regardless of the provider
- Handles state parameter generation, token exchange, and user info requests
- Supports providers like GitHub, Google, Facebook, Twitter, Apple, GitLab, and more
- Provides optional PKCE and custom scope configuration per provider
Architecture Overview
JustAuth defines an AuthRequest interface with authorize() and login() methods. Each provider has a concrete implementation that encodes the platform-specific OAuth endpoints, scopes, and profile API. The library handles HTTP communication internally, parses provider-specific JSON responses, and maps them to a common AuthUser model with fields like uuid, username, avatar, and email.
Self-Hosting & Configuration
- Add JustAuth as a Maven dependency to your Spring Boot or plain Java project
- Register OAuth apps on each provider and obtain client ID and secret
- Create an AuthConfig with clientId, clientSecret, and redirectUri
- Instantiate the provider-specific AuthRequest and call authorize()
- Handle the callback by calling login(AuthCallback) to receive the AuthUser
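The steps above as one flow for the GitHub provider, with the callback state compared against the value stored for the caller's session before login() runs. This is an added example, not code from the JustAuth project. Assumptions: the session Map stands in for your framework's session object, and the oauth_state key, the environment variable names and the redirect URI are placeholders; the session comparison is this example's own check, made by the application before it calls the library.

```java
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.model.AuthCallback;
import me.zhyd.oauth.model.AuthResponse;
import me.zhyd.oauth.model.AuthUser;
import me.zhyd.oauth.request.AuthGithubRequest;
import me.zhyd.oauth.request.AuthRequest;
import me.zhyd.oauth.utils.AuthStateUtils;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Map;

public class GithubLogin {
    private static final String STATE_KEY = "oauth_state"; // hypothetical session attribute name

    // Client credentials are read from the environment (variable names are assumptions).
    private static AuthRequest request() {
        return new AuthGithubRequest(AuthConfig.builder()
                .clientId(System.getenv("GITHUB_CLIENT_ID"))
                .clientSecret(System.getenv("GITHUB_CLIENT_SECRET"))
                .redirectUri("https://app.example.com/oauth/callback/github") // placeholder
                .build());
    }

    // Step 1: build the provider URL and remember the state for this browser session.
    public static String startLogin(Map<String, Object> session) {
        String state = AuthStateUtils.createState();
        session.put(STATE_KEY, state);
        return request().authorize(state); // redirect the browser to this URL
    }

    // Step 2: callback handler. A state mismatch is rejected before any token exchange.
    public static AuthUser finishLogin(Map<String, Object> session, String code, String state) {
        Object expected = session.remove(STATE_KEY); // single use: a replayed callback fails
        if (!(expected instanceof String) || state == null
                || !MessageDigest.isEqual(((String) expected).getBytes(StandardCharsets.UTF_8),
                                          state.getBytes(StandardCharsets.UTF_8))) {
            throw new SecurityException("OAuth state mismatch");
        }
        AuthResponse<?> response = request().login(
                AuthCallback.builder().code(code).state(state).build());
        if (!response.ok()) {
            throw new SecurityException("OAuth login failed: " + response.getMsg());
        }
        return (AuthUser) response.getData();
    }
}
```

Removing the stored state before comparing makes each value usable once, so a second callback carrying the same code and state is refused without reaching the provider.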
Key Features
- Unified AuthUser model across all providers simplifies downstream logic
- State parameter management prevents CSRF attacks on the OAuth callback
- Custom HTTP client adapter for environments with specific proxy or TLS needs
- Extensible design allows adding custom OAuth providers via the SPI
- Zero Spring dependency; works in any Java application
Comparison with Similar Tools
- Spring Security OAuth2 Client — deep Spring integration but more configuration; JustAuth is provider-focused and framework-agnostic
- Passport.js — Node.js strategy-based auth; JustAuth serves the same purpose in Java
- Auth.js (NextAuth) — JavaScript/TypeScript ecosystem; JustAuth targets JVM applications
- Socialite (Laravel) — PHP social login; JustAuth is the Java equivalent with broader provider coverage
FAQ
Q: Which social providers does JustAuth support? A: Over 30, including GitHub, Google, Facebook, Twitter, Apple, GitLab, Bitbucket, LinkedIn, Amazon, Slack, Discord, and several Chinese platforms.
Q: Does JustAuth handle token refresh? A: Yes. Providers that support refresh tokens expose a refresh() method on their AuthRequest.
Q: Can I add a provider not yet supported? A: Yes. Implement the AuthSource and AuthRequest interfaces to register a custom provider.
Q: Does it work with Spring Boot auto-configuration? A: The community justauth-spring-boot-starter provides auto-configuration and YAML-based provider setup.