Hi nvictor,
Recently I have done OAuth implementation for Twitter using this OAuth Java
library. So I would like to share some of my findings.
Yes you have to give a callback url when you are registering the Twitter
app. But for each access token requests, you can override the callback url
and send a new one. If you do not send a new one, Twitter will use the
default callback url which you have given at the registration. This confused
me at the beginning due to the lack of documentation. So, I had to dig
through the src and do some trial and error testings to figure it out.
Before retrieving the request token let's create the OAuth client, consumer
and accessor objects:
// I use HttpClient3 as the Http Client, you can use either this or
URLConnectionClient
OAuthClient oAuthClient = new OAuthClient(new HttpClient3());
// create a servie provider, notice here I am using HTTPS urls, you can use
HTTP urls too.
OAuthServiceProvider serviceProvider = new OAuthServiceProvider("
https://twitter.com/oauth/request_token";, "
https://twitter.com/oauth/authorize";, "
https://twitter.com/oauth/access_token";);
// create a consumer with your consumer key, secret and *the callback url*
OAuthConsumer consumer = new OAuthConsumer("*
http://www.test.com/yourcallbackpage.html*";, "yourconsumerKey",
"yourconsumerSecret", serviceProvider);
// now create an accessor
OAuthAccessor accessor = new OAuthAccessor(consumer);
// Lets create a properties map to sent to Twitter
Map<String, String> map = new HashMap<String, String>();
// Twitter supports OAuth version 1.0 and HMAC-SHA1 signatures
map.put(OAuth.OAUTH_SIGNATURE_METHOD, OAuth.HMAC_SHA1);
map.put(OAuth.OAUTH_VERSION, OAuth.VERSION_1_0);
*// This is where you give the callback url*
*map.put(OAuth.OAUTH_CALLBACK, accessor.consumer.callbackURL);*
// Now send the request to Twitter in order to get the request token
oAuthClient.getRequestToken(accessor, OAuthMessage.POST, map.entrySet());
// This is how you read the request token and secret
String youraccesstoken = accessor.requestToken;
String youraccesstokensecret = accessor.tokenSecret;
Now you need to authorize your app to get the verifier. User this url to
authorize:
http://twitter.com/oauth/authorize?oauth_token=yourrequesttoken
And you can continue the rest of the process I guess.
Good luck!
- Lasantha
--
*Lasantha Kularatne*
Software Engineer
*Bazaar**voice* [site <http://www.bazaarvoice.com/> |
blog<http://www.bazaarvoice.com/blog>|
twitter <http://twitter.bazaarvoice.com/>]
**
On Mon, Jul 26, 2010 at 5:20 PM, nvictor <[email protected]> wrote:
> hi all,
>
> i'm following subsection "Acquiring a request token" here:
> http://dev.twitter.com/pages/auth
>
> but when i include the oauth_callback parameter. the signature always
> failed to be verified. when omitted it works.
>
> when registering to twitter, the user has to set a callback url. does
> that mean that oauth_callback should be omitted when requesting
> tokens?
>
> thanks
>
> --
> You received this message because you are subscribed to the Google Groups
> "OAuth" group.
> To post to this group, send email to [email protected].
> To unsubscribe from this group, send email to
> [email protected] <oauth%[email protected]>.
> For more options, visit this group at
> http://groups.google.com/group/oauth?hl=en.
>
>
--
You received this message because you are subscribed to the Google Groups
"OAuth" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/oauth?hl=en.
