Esta página se muestra en inglés. Una traducción al español está en curso.
ConfigsJul 1, 2026·3 min de lectura

JustAuth — Universal Third-Party Login Library for Java

An out-of-the-box Java library for integrating social login from 30+ providers including GitHub, Google, Facebook, WeChat, and more with a unified API.

Listo para agents

Instalación lista para agent

Este activo puede instalarse después de elegir el runtime, revisar el plan y ejecutar el comando correspondiente.

Native · 98/100Política: permitir
Superficie agent
Cualquier agent MCP/CLI
Tipo
Skill
Instalación
Single
Confianza
Confianza: Established
Entrada
JustAuth Overview
Comando de instalación directa
npx -y tokrepo@latest install 1a624c2b-7527-11f1-9bc6-00163e2b0d79 --target codex

Ejecutar después de confirmar el plan con dry-run.

Introduction

JustAuth removes the repetitive work of implementing OAuth login flows for multiple social providers. It normalizes the authorization code exchange and user profile retrieval across 30+ platforms behind a single, consistent Java interface.

What JustAuth Does

  • Implements OAuth 2.0 / OAuth 1.0a flows for 30+ identity providers
  • Returns a unified AuthUser object regardless of the provider
  • Handles state parameter generation, token exchange, and user info requests
  • Supports providers like GitHub, Google, Facebook, Twitter, Apple, GitLab, and more
  • Provides optional PKCE and custom scope configuration per provider

Architecture Overview

JustAuth defines an AuthRequest interface with authorize() and login() methods. Each provider has a concrete implementation that encodes the platform-specific OAuth endpoints, scopes, and profile API. The library handles HTTP communication internally, parses provider-specific JSON responses, and maps them to a common AuthUser model with fields like uuid, username, avatar, and email.

Self-Hosting & Configuration

  • Add JustAuth as a Maven dependency to your Spring Boot or plain Java project
  • Register OAuth apps on each provider and obtain client ID and secret
  • Create an AuthConfig with clientId, clientSecret, and redirectUri
  • Instantiate the provider-specific AuthRequest and call authorize()
  • Handle the callback by calling login(AuthCallback) to receive the AuthUser

Key Features

  • Unified AuthUser model across all providers simplifies downstream logic
  • State parameter management prevents CSRF attacks on the OAuth callback
  • Custom HTTP client adapter for environments with specific proxy or TLS needs
  • Extensible design allows adding custom OAuth providers via the SPI
  • Zero Spring dependency; works in any Java application

Comparison with Similar Tools

  • Spring Security OAuth2 Client — deep Spring integration but more configuration; JustAuth is provider-focused and framework-agnostic
  • Passport.js — Node.js strategy-based auth; JustAuth serves the same purpose in Java
  • Auth.js (NextAuth) — JavaScript/TypeScript ecosystem; JustAuth targets JVM applications
  • Socialite (Laravel) — PHP social login; JustAuth is the Java equivalent with broader provider coverage

FAQ

Q: Which social providers does JustAuth support? A: Over 30, including GitHub, Google, Facebook, Twitter, Apple, GitLab, Bitbucket, LinkedIn, Amazon, Slack, Discord, and several Chinese platforms.

Q: Does JustAuth handle token refresh? A: Yes. Providers that support refresh tokens expose a refresh() method on their AuthRequest.

Q: Can I add a provider not yet supported? A: Yes. Implement the AuthSource and AuthRequest interfaces to register a custom provider.

Q: Does it work with Spring Boot auto-configuration? A: The community justauth-spring-boot-starter provides auto-configuration and YAML-based provider setup.

Sources

Discusión

Inicia sesión para unirte a la discusión.
Aún no hay comentarios. Sé el primero en compartir tus ideas.

Activos relacionados