-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathwrite.txt
50 lines (50 loc) · 11.9 KB
/
write.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
Cloud Champ: OAuth and Twitter Cloud Champ Information about various cloud technologies and announcements as well as code snippets. Friday, April 3, 2009 OAuth and Twitter Earlier last month, Twitter released OAuth access to their site and to the API. Excited about the possibility of integrating some DigitalChalk functions with Twitter, I decided to take a couple of hours to play around with it and see what it offered. There are lots of examples on the Twitter API site, but none of them are in Java. What? Really? Maybe because it is so easy to do, but I do think that it is worth posting about. First, a little about the flow of getting your access credentials from Twitter. The diagram below shows the order of events and some pieces of the data that you need to get started. For my implementation example I am using a Java OAuth library written by John Kristian, Praveen Alavilli and Dirk Balfanz. You must get your Consumer Key and Consumer Secret by registering your application on Twitter.com The goal is to get an Access Token and Secret that you can use to read and/or write to a Twitter users information without having to ask for their username and password everytime. We also don't want to have to store that information because they may change it on Twitter.com and we don't want to have to synchronize the information. (The user doesn't really want to give that information to us anyway) The first step is get request a Request Token from Twitter. You do this by using a timestamp, nonce, oauth version, and your consumer key and signing it with your consumer secret. Then a request can be made to http://twitter.com/oauth/request_token including the signature. public TwitterTokenPair getRequestToken(TwitterConsumerCredentials credentials) throws TwitterOAuthException {
TwitterTokenPair result = null;
OAuthAccessor accessor = newAccessor(credentials);
OAuthClient client = new OAuthClient(new HttpClient3());
try {
client.getRequestToken(accessor);
// Build the token pair to return
result = new TwitterTokenPair();
result.setToken(accessor.requestToken);
result.setTokenSecret(accessor.tokenSecret);
} catch (Throwable t) {
throw new TwitterOAuthException(t);
} return result;}
Twitter will generate a Request Token and Token Secret and send them back Save the Request Token and Token Secret off for later use. We will use them again after the user has granted us access. Build up a the URL for a user to access, sending them to Twitter, to grant us access. This will be done by sending them to http://twitter.com/oauth/authorize?oauth_token=. You can optionally add a callback URL on the parameters or just rely on the one that you entered on the Twitter site when registering your application. public String getAuthorizeUrl(String token, String callbackUrl, Map callbackParameters) {
Map parameters = new HashMap();
parameters.put("oauth_token", token);
if (null != callbackUrl) {
parameters.put("oauth_callback", callbackUrl + "?" + asQueryString(callbackParameters));
}
return authorizeUrl + "?" + asQueryString(parameters);
}
If you user grants you access, then your callback URL will be called. Upon recieving the callback, you now need to request and Access Token from Twitter. This is very similar to step 3 except you will be using a different URL and the Request Token and Secret that you saved off in step 4. You will sign your request with your consumer secret and the token secret and send the request for the Access Token to http://twitter.com/oauth/access_token. public TwitterTokenPair getAccessToken(TwitterConsumerCredentials credentials, TwitterTokenPair requestTokenPair) throws TwitterOAuthException {
TwitterTokenPair result = null;
OAuthAccessor accessor = newAccessor(credentials);
accessor.requestToken = requestTokenPair.getToken();
accessor.tokenSecret = requestTokenPair.getTokenSecret();
OAuthClient client = new OAuthClient(new HttpClient3());
try {
client.getAccessToken(accessor, HttpClient.GET, null);
// Build the token pair to return
result = new TwitterTokenPair();
result.setToken(accessor.accessToken);
result.setTokenSecret(accessor.tokenSecret);
} catch (Throwable t) {
throw new TwitterOAuthException(t);
}
result;
}
Twitter will generate an Access Token and Token Secret and send them back. At this point, the Application is added to the users Connections tab. Once you parse the Access Token and Token Secret out of the response, you can use them from that point forward to make Twitter API calls on behalf of the user that granted access. That is it! Now you have successfully acquired the Access tokens and can perform the Twitter REST API services for that user. Because I have granted DigitalChalk the to update my status, the application can do so at its hearts content. TwitterHttpCommand twitterCommand = new TwitterHttpCommand(credentials);
try {
Map parameters = new HashMap();
parameters.put("status", "Just finished OAuth integration implementation of Twitter and DigitalChalk in Java! Woohoo!");
response = service.execute(twitterCommand, HttpMethod.POST, accessTokens, "http://twitter.com/statuses/update.xml", parameters);
printInputStream(response.getResponse());
} catch (TwitterOAuthException ex) {
System.out.println(ex);
} catch (IOException ioex) {
System.out.println(ioex);
}
UPDATE: I have been asked to include the code for this experiment. You will need to download the Java OAuth Library and include it in the classpath as well as enter your Consumer Key and Secret into the twitter.properties file. The Test.java class should walk you through how I used it to test access to Twitter. Let me know what you think and if you would like to see anything else added. You can download the code here: http://bit.ly/Pz55C Posted by Troy Tolle at Friday, April 03, 2009 Email This BlogThis! Share to Twitter Share to Facebook Share to Google Buzz Labels: digitalchalk, java, oauth, twitter 14 comments: James said... using the twitter basic auth api, it is possible for the twitter account to be shared by one-or-more twitter client sites.i'm curious, i wonder if this is possible w/ the twitter oauth api as well. i wonder if the second user's authentication of the shared twitter account will invalidate the previously authenticated by a twitter oauth consumer. April 4, 2009 12:40 AM Troy Tolle said... James, I think that I am following what you are asking.If you ask a person to authenticate again using OAuth and you complete the cycle by doing the request for the Access Token, then it will invalidate the previous Access Token and Token Secret. You will have to use the newly generated tokens to access the user's account. April 4, 2009 2:55 PM James said... yeah ... it was rather clumsily asked. wasn't exactly sure of the "correct" words, but we're on the same page.using basic auth, it is pretty easy for a service to allow it's members to share a single twitter account for event/message syndication. in looking at oauth (which i *really* like for obvious reasons), it looks as if this "feature" of allowing for shared account access is no longer available. i really want to be proven wrong on this one :) April 4, 2009 9:14 PM Troy Tolle said... James, I think that it sounds like a good idea for a 3rd party application. You could maintain a group that would have access to write to an account that you approve authentication to and then if you need to remove someone, you simply remove them from your app instead of having to change the password on the Twitter account. Go for it. I think it would be very useful. April 5, 2009 2:04 PM James said... hey troy -i was just made aware that this is a known issue, one that looks to be under investigation:http://code.google.com/p/twitter-api/issues/detail?id=372thx for the chat :) April 6, 2009 1:38 PM Anonymous said... Thanks for this great post + the code :) Both are very helpful... April 14, 2009 6:09 AM Anthony said... Hey Toy, If I have a web app that is already handling all the oAuth stuff, can I just store the access tokens in a DB, and then use those access tokens in my java app to make calls?If I do this do I need to include any of the oauth stuff at all? Trying to break out in your test what is needed the first time just to get the tokens, and then what you need to do the first time around, and what needs to be dont after you've already had your app approved with the user? June 12, 2009 10:51 PM arjun said... I am getting 401 Unauthorized in step 8. In getAccessToken() functionclient.getAccessToken(accessor, HttpClient.GET, null);result = new TwitterTokenPair();result.setToken(accessor.accessToken);result.setTokenSecret(accessor.tokenSecret);accesstoken and tokensecret are both null.what could be wrong ?Please help. June 14, 2009 5:06 AM Troy Tolle said... Anthony, after your user has completed the "Allow" on Twitter, you will be able to get the Access token using the request token and store them. You will then be able to use these tokens on behalf of the user. July 14, 2009 11:13 PM Troy Tolle said... arjun,You will need to pass in your request token to get the access token after the user has allowed access through the request. It appears you are passing in null right now. July 14, 2009 11:16 PM saabir said... HiFantastic job done :-) Is there a way to download the lib jar files?Or do you have a svn url?Cheers December 1, 2009 5:04 PM Troy Tolle said... saabir, thanks for the comment. You can download the source at: http://bit.ly/Pz55C December 1, 2009 5:30 PM Nautilus said... Thanks! Step8 saved my night! :)Bye,Alex Nautilushttp://twitter.com/alexnautilus March 15, 2010 11:40 PM Troy Tolle said... Nautilus, that is great. I am glad it was useful to you. March 16, 2010 7:59 AM Post a Comment Newer Post Older Post Home Subscribe to: Post Comments (Atom) About Me Troy Tolle Asheville, North Carolina, United States View my complete profile Subscribe To Posts Atom Posts Comments Atom Comments follow me on Twitter DigitalChalk Linked In Blog List Blog Archive ? 2010 (5) ? August (1) Creating a Maven Web Project in Eclipse ? July (1) New Open Source Cloud Platform ? May (1) Cloud Computing ROI ? March (1) Juicy Ideas ? January (1) Creativity for Amazon's Cloud Computing Continues ? 2009 (24) ? October (1) Cloud Confusion and the DoD ? September (1) Why Social is Successful ? July (2) Azure verses Amazon AWS Pricing North Carolina and the Amazon Associates Program ? June (1) CloudFront Added to AWS Console ? May (6) DigitalChalk at ASTD In the Works at DigitalChalk Apple to Build Data Center in NC? Amazon Import/Export Amazon Releases New Cloud Computing Services SpringSource Aquires Hyperic ? April (3) Tips on Using Amazon CloudFront Google AppEngine supports Java OAuth and Twitter ? March (6) Playing with Eclipse and Amazon Web Services Bruce Kerr - Tech's Weird Al AppEngine to support Java My First SXSW GrandCentral == Google Voice Trip to Google ? February (1) Rapidly Processing Video in the Cloud ? January (3) TIGR Team looks at Cloud Computing Skype BETA for Mac is out AWS Management Console ? 2008 (44) ? December (2) I got an "A" at Appalachian State University Amazon SimpleDB for FREE ? November (5) Happy Thanksgiving I HAVE to get one of these! Amazon CDN CloudFront Google Voice Search on iPhone Microsoft's Azure Sky ? October (2) EC2 News More Than Expected Microsoft in the Cloud ? September (3) Chase and Dad on a walk Amazon S3 as a CDN? The Future - Delicious? ? August (6) Carolina Connect 2008 Creative Juice Off to the Races! Chase David Tolle Amazon Web Services adds Elastic Block Store Hyperic AppEngine CloudStatus Creative Juice Competition ? July (2) Moodle and DigitalChalk DigitalChalk on Cloud Computing Podcast ? June (4) Baby Class and a Cesarean Section ? May (10) ? April (3) ? March (2) ? February (3) ? January (2) ? 2007 (10) ? December (2) ? November (1) ? October (1) ? August (2) ? July (1) ? June (3) Subscribe Your email address:Powered by FeedBlitz Simple template by Josh Peterson. Template images by Goldmund. Powered by Blogger.