Geek Answers Handbook

OAuth 1 authorization with JOAuth, an example is needed

Since I saw questions about how to do OAuth 1 3-legged or 2-legged authorization on LinkedIn / Twitter, I thought I would post an example of how I achieved authorization for Twitter with JOAuth .

+2
source share
1 answer

Here's how to get an access token net.oauth.token.v1.AccessTokenfrom Twitter.

Firstly, you will need 2 things from Twitter that you need to register your application on Twitter and get an application:

  • API key (which OAuth calls the consumer key)
  • Secret API (which OAuth calls it a consumer secret).

Now, here is how we will authenticate on Twitter:

-, 2 API :

private static final String API_KEY = "TWITTER_API_KEY_HERE";
private static final String API_SECRET  = "TWITTER_API_SECRET_HERE";

, callback_url:

private static final String CALLBACK_URL = "oob";

oob (Out-of-Band).

, OAuth:

private OAuth1Consumer consumer = new OAuth1Consumer(API_KEY, API_SECRET, new OAuth1ServiceProvider("https://api.twitter.com/oauth/request_token", "https://api.twitter.com/oauth/authorize", "https://api.twitter.com/oauth/access_token"));

: API Key, - API Secret, OAuth ( URL- URL- , URL- Token, URL- ).

:

() Token:

, requestUnauthorizedToken OAuth1Consumer:

RequestToken requestToken = consumer.requestUnauthorizedToken(null, CALLBACK_URL, null, new OAuthHmacSha1Signature());

realm, ( Twitter ), callback_url .

3 OAuth:

  • PLAINTEXT ( , ), OAuthPlainTextSignature.
  • HMAC-SHA1, OAuthHmacSha1Signature.
  • RSA-SHA1, OAuthRsaSha1Signature.

Twitter HMAC-SHA1, . OAuth .

, , .

() Token:

URL- , URL-, .

String url = consumer.createOAuthUserAuthorizationUrl(requestToken, null);

( null, HTTP , , Map<String, String>, :))

, URL-, URL- , , callback_url:

(OOB)

OOB , HTTP, . Twitter , HTTP- -. ( Twitter) Twitter . . Twitter OAuth API Documentation.

, OOB, , , Twitter PIN-: PIN-, , :

String twitterPin = ""; //Whatever Twitter displayed
AccessToken accessToken = example.requestAccessToken(new AuthorizedToken(requestToken.getToken(), twitterPin), requestToken);

.

, AccessToken.getToken().

( OOB)

callback_url oob, Twitter . , , OAuthServlet, .

oauth-config.xml WEB-INF, :

<?xml version="1.0" encoding="UTF-8"?>
<oauth-config>
<!-- Twitter OAuth Config -->
        <oauth name="twitter" version="1">
                <consumer key="TWITTER_KEY" secret="TWITTER_SECRET" />
                <provider requestTokenUrl="https://api.twitter.com/oauth/request_token" authorizationUrl="https://api.twitter.com/oauth/authorize" accessTokenUrl="https://api.twitter.com/oauth/access_token" />
        </oauth>


        <service path="/request_token_ready" class="com.neurologic.example.TwitterOAuthService" oauth="twitter">
                <success path="/start.htm" />
        </service>
</oauth-config>

web.xml OAuthServlet.

<servlet>
    <description>An OAuth Servlet Controller</description>
    <display-name>OAuthServlet</display-name>
    <servlet-name>OAuthServlet</servlet-name>
    <servlet-class>com.neurologic.oauth.servlet.OAuthServlet</servlet-class>
    <init-param>
        <param-name>config</param-name>
        <param-value>/WEB-INF/oauth-config.xml</param-value>
    </init-param>
    <load-on-startup>3</load-on-startup>
</servlet>
<servlet-mapping>
    <servlet-name>OAuthServlet</servlet-name>
    <url-pattern>/oauth/*</url-pattern>
</servlet-mapping>

. RequestToken realm ( ). . , .

/**
 * 
 */
package com.neurologic.example;

import javax.servlet.http.HttpServletRequest;

import net.oauth.signature.OAuthSignature;
import net.oauth.signature.impl.OAuthHmacSha1Signature;
import net.oauth.token.v1.AccessToken;
import net.oauth.token.v1.RequestToken;

import com.neurologic.oauth.service.impl.OAuth1Service;

/**
 * @author Buhake Sindi
 * @since 31 May 2011
 *
 */
public class TwitterOAuthService extends OAuth1Service {

    public static final String TWITTER_REQUEST_TOKEN_SESSION = "TWITTER_REQUEST_TOKEN_SESSION";
    public static final String TWITTER_ACCESS_TOKEN_SESSION = "TWITTER_ACCESS_TOKEN_SESSION";

    /* (non-Javadoc)
     * @see com.neurologic.oauth.service.impl.OAuth1Service#getOAuthSignature()
     */
    @Override
    protected OAuthSignature getOAuthSignature() {
        // TODO Auto-generated method stub
        return new OAuthHmacSha1Signature();
    }

    /* (non-Javadoc)
     * @see com.neurologic.oauth.service.impl.OAuth1Service#getRealm()
     */
    @Override
    protected String getRealm() {
        // TODO Auto-generated method stub
        return null;
    }

    /* (non-Javadoc)
     * @see com.neurologic.oauth.service.impl.OAuth1Service#getRequestToken(javax.servlet.http.HttpServletRequest)
     */
    @Override
    protected RequestToken getRequestToken(HttpServletRequest request) {
        // TODO Auto-generated method stub
        return (RequestToken) request.getSession().getAttribute(TWITTER_REQUEST_TOKEN_SESSION);
    }

    /* (non-Javadoc)
     * @see com.neurologic.oauth.service.OAuthService#saveAccessToken(javax.servlet.http.HttpServletRequest, java.lang.Object)
     */
    @Override
    public void saveAccessToken(HttpServletRequest request, AccessToken accessToken) {
        // TODO Auto-generated method stub
        request.getSession().setAttribute(TWITTER_ACCESS_TOKEN_SESSION, accessToken);
    }
}

saveAccessToken() - , , ( Twitter , ).

, .

, !

+3

More articles:


All Articles