I am implementing twitter in my application using scribe.
After the user authenticate my app and is redirected to new url,
I got the oauth_token and oauth_verifier but could not figure out how to generate oauth_token and oauth_secret from it.
Kindly resolve the issue and thank you in advance!!!
I've solved the problem just make a new service builder(as in the example) in the redirected page and use the oauth_token and oauth_verifier u'll get when u will be redirected to new page like this
Token requestToken = new Token(request.getParameter("oauth_token"),request.getParameter("oauth_verifier"));
Verifier verifier = new Verifier(request.getParameter("oauth_verifier"));
rest is same as in example.
See the Twitter example.
The oauth token and verifier should be what you need to request an access token and access protected resources.
Related
I am trying to make a Java class which would call upon Google's API to recreate an access token to a user's account with new permissions/larger scope. This class is to be instantiated by a Java servlet I had created. I want a function within that class to return a new access token. For this class to do that, I am using the Scribe library.
In Scribe's quick guide, there are two steps which concern me and have me stumped:
Step Three: Making the user validate your request token
Let’s help your users authorize your app to do the OAuth calls. For
this you need to redirect them to the following URL:
String authUrl = service.getAuthorizationUrl(requestToken);
After this either the user will get a verifier code (if this is an OOB
request) or you’ll receive a redirect from Twitter with the verifier
and the requestToken on it (if you provided a callbackUrl)
Step Four: Get the access Token
Now that you have (somehow) the verifier, you need to exchange your
requestToken and verifier for an accessToken which is the one used to
sign requests.
Verifier v = new Verifier("verifier you got from the user");
Token accessToken = service.getAccessToken(requestToken, v); // the requestToken you had from step 2
It does not seem to specify how to get that verifier from the user. How am I supposed to do that? How do I redirect my user to the authURL, and how do I get it to send its verifier back to this class of mine, which initiated the request to begin with?
If this is unclear, let me structure the question differently, taking Scribe out of the equation: To get an authorization code from Google (which would be used to then get a refresh token and access token), I would execute the following URL connection from within the servlet (yes, I've tried to answer this problem without the Scribe library, and still can't figure it out):
URL authURL = new URL("https://accounts.google.com/o/oauth2/auth");
HttpsURLConnection authCon = (HttpsURLConnection) authURL.openConnection();
authCon.setRequestMethod("GET");
authCon.setDoOutput(false);
authCon.setConnectTimeout(100000);
authCon.setRequestProperty("response_type", "code");
authCon.setRequestProperty("client_id", CLIENT_ID);
authCon.setRequestProperty("redirect_uri",
"http://**************.com/parseAuth/");
authCon.setRequestProperty("scope", convertToCommaDelimited(scopes));
authCon.setRequestProperty("state", csrfSec);
authCon.setRequestProperty("access_type", "offline");
authCon.setRequestProperty("approval_prompt", "auto");
authCon.setRequestProperty("include_granted_scopes", "true");
What has me stuck is what I should be putting for the redirect URI. After getting the user's approval for the new scope, this authorization URL would return an authorization code to the redirect URI, and seemingly nothing to whatever called it. (Am I correct in this?) So if I have another servlet as the redirect URI to parse/extract the authorization code from the response, how in the world do I get that authorization code back to my first, initial servlet? It seems to me that there is no way to have it give back the value to the servlet, in the same position of the code from which the URL was called. It looks like the function has to end there, and all new action must take place within that new servlet. But if that is the case, and I send that auth code to Google's API which would send back a refresh token and access token to ANOTHER servlet I would make to be its redirect URI, how do I possibly get that information back to what it is which called the initial servlet to begin with? That seems to be the same problem at its core, with the problem I am having with Scribe.
I've been stuck on this for many hours, and can't seem to figure out what it is I am supposed to do. I feel like I am missing some key concept, element, or step. I need this clarified. If it is at all relevant, my servlet is hosted on a Jboss application server on OpenShift.
I'm using facebook4j api (http://facebook4j.org/en/index.html) for access to user data on facebook, so for the login authorization i must provide a acess token, so i found this api: (https://github.com/fernandezpablo85/scribe-java) and from this example (https://github.com/fernandezpablo85/scribe-java/blob/master/src/test/java/org/scribe/examples/FacebookExample.java) i'm trying to get the access token, in the params builder i have to set the callback url:
OAuthService service = new ServiceBuilder()
.provider(FacebookApi.class)
.apiKey(Assets.FACEBOOK_APPID)
.apiSecret(Assets.FACEBOOK_APPSECRET)
.callback()
.build();
But my app is client-side only, so what callback url must i provide?
See here:
redirect_uri. The URL that you want to redirect the person logging in back to. This URL will capture the response from the Login Dialog. If you are using this in a webview within a desktop app, this must be set to https://www.facebook.com/connect/login_success.html.
I have created a Facebook app using RestFB. In my local environment it is working fine. To put the app on the web, I need to get token. I am following these steps:
Redirecting from Facebook to my app url using app id and secret key.
Getting code from url
Trying to redirect using code to get authtoken
I am not able to complete step 3, Please help me.
A sample code will be most appreciated.
Have you followed this step exactly ?
Create a Facebook Application
Request https://graph.facebook.com/oauth/authorize?client_id=MY_API_KEY& redirect_uri=http://www.facebook.com/connect/login_success.html& scope=publish_stream,create_event
Facebook will redirect you to http://www.facebook.com/connect/login_success.html? code=MY_VERIFICATION_CODE
Request https://graph.facebook.com/oauth/access_token?client_id=MY_API_KEY& redirect_uri=http://www.facebook.com/connect/login_success.html& client_secret=MY_APP_SECRET&code=MY_VERIFICATION_CODE
Facebook will respond with access_token=MY_ACCESS_TOKEN
Get your APP_ID/Key and APP_SECRET
use the below code
AccessToken accessToken = new DefaultFacebookClient().obtainAppAccessToken(APP_ID, APP_SECRET);
DefaultFacebookClient facebookClient = new DefaultFacebookClient(accessToken.getAccessToken());
Struggled long time to find this simple method.
I am receiving error messages while working with Twitter4J:
java.lang.IllegalStateException: Access token already available.
twitter4j.auth.OAuthAuthorization.getOAuthRequestToken(OAuthAuthorization.java:112)
twitter4j.auth.OAuthAuthorization.getOAuthRequestToken(OAuthAuthorization.java:104)
twitter4j.TwitterBaseImpl.getOAuthRequestToken(TwitterBaseImpl.java:276)
twitter4j.TwitterBaseImpl.getOAuthRequestToken(TwitterBaseImpl.java:269)
[...]
This exception is thrown while calling the method Twitter.getOAuthRequestToken(). I want to get the Authorization URL to authenticate the next user.
How am I possible to solve this problem? I only put the OAuthConsumerKey, the OAuthConsumerSecret, the OAuthAccessToken and the OAuthAccessTokenSecret to the Twitter4J properties. But how do I receive the authorization URL to authenticate a new user?
Thanks and greetings,
Martin
Sorry.
I was setting an Access Token hard coded by the Configuration Builder.
Removed it, works now.
You need to create a new instance of twitter and null it's accessToken and accessTokenSecret fields before requesting new access token.
ConfigurationBuilder cb = new ConfigurationBuilder();
cb.setDebugEnabled(true)
.setOAuthConsumerKey(TWITTER_CONSUMER_KEY)
.setOAuthConsumerSecret(TWITTER_CONSUMER_SECRET)
.setOAuthAccessToken(null)
.setOAuthAccessTokenSecret(null);
TwitterFactory tf = new TwitterFactory(cb.build());
Twitter twitter = tf.getInstance();
I'm using scribe for making an app that has oauth support. I didn't found problems With Twitter, but when using facebook I have problems...
This is the code that works on twitter oauth
OAuthService s = /* ... Facebook oauth init ... */
final Token requestToken = s.getRequestToken();
final String authURL = s.getAuthorizationUrl(requestToken);
It gives me an error at the second line:
12-20 10:01:31.475: E/AndroidRuntime(5405): java.lang.UnsupportedOperationException: Unsupported operation, please use 'getAuthorizationUrl' and redirect your users there
12-20 10:01:31.475: E/AndroidRuntime(5405): at org.scribe.oauth.OAuth20ServiceImpl.getRequestToken(OAuth20ServiceImpl.java:45)
I know that it says that I might use getAuthorizationUrl... But I have to pass a requestToken...
Could you please help me?
It would be helpful any example with Scribe and Facebook
Thanks!
PS: Same problem with Windows Live ! =(
EDIT:
I have been looking at the source code of the Scribe library and I found something
https://github.com/fernandezpablo85/scribe-java/blob/master/src/main/java/org/scribe/oauth/OAuth20ServiceImpl.java
Here we can see that I can call the getAuthorizationUrl(...) with null parameter because it doesn't use it.... But I think the prioblem now is that the config isn't filled...
here is how I initialize facebook service:
new ServiceBuilder()
.provider(FacebookApi.class)
.apiKey(....)
.apiSecret(....)
.scope("email,offline_access")
.callback("oauth://facebook")
.build();
Is this correct?
Thanks!
private static final Token EMPTY_TOKEN = null;
OAuthService service = new ServiceBuilder()
.provider(FacebookApi.class)
.apiKey(apiKey)
.apiSecret(apiSecret)
.callback("http://www.example.com/oauth_callback/")
.build();
String authorizationUrl = service.getAuthorizationUrl(EMPTY_TOKEN);
All you now need to redirect user to this URL and let him verify them self to get code from facebok.
There are a good amount of example with very good documentation for almost all major Oath
system
here is for Facebook
FacebookExample
For all major providers
Scribe Example Directory
Edit
After looking at the discussion my suggestion is to get a full understanding about Oauth1 and Oauth2.
You've got it all wrong. OAuth 2 Protocol never returns a request token like OAuth 1.
Oauth 1 does an HTTP POST request and returns an unauthorized request token. Then, you will have to authorize your unauthorized token to receive an authorized token (That's 2 HTTP call).
Oauth 2, on the other hand, doesn't have a request token flow, you will need to do an HTTP GET for an authorization token (1 HTTP call only). Hence why Scribe says that you need to call getAuthorizedUrl.
See this Facebook Example, to see how to retrieve an authorized token using OAuth 2.