OAuth Setting for Twitter OFM SOA Application

This is related to my previous article about sending tweets to from Oracle Fusion SOA Web Service application. Refer

The SOA Web Service application prototype I had built was using the basic authentication using user name and password while connecting to the user account.

Effective August 2010, Twitter has disabled the applications posting tweets using basic authentication. Basic authentication was the simple approach for applications to connect to the Twitter User Accounts using just the user name and password. But may not be the smartest way to connect given the security and account maintenance challenges.

OAuth based authentication is the recommended approach. All of the applications using the basic authentication need to switch to OAuth authentication.

This write up is the record of the steps I followed to switch my Fusion SOA Web Service tweet application that was using basic authentication to OAuth based authentication.

Summary steps:
Step 1: Register the application that tweets using an API. This is to register the application as a authorized source of tweets related to the Twitter User Account.

Step 2: Obtain OAuth Access Token.

Step 3: Update the client application API to use the Access Token instead of the basic user name and password.

Following sections details about each of these steps.

Register the application for OAuth access and obtain the Consumer Key and Consumer Secret Key

Open the link in a browser:
Enter the application details to obtain OAuth specific access.

Twitter generates Consumer Key and Consumer Secret Key for the associated Twitter user account. The keys will be used to obtain Access Token in the next steps.
Obtain the Access Token for OAuth
It is a three level process.

1. Generate Authorization URL
2. Obtain PIN
3. Generate Access Token

The code to perform this one time setup is:

The code output:
C:\>java OAuthSetup

Open the following URL and grant access to your account:

Open the URL in the browser

Enter the twitter account user name and password and select ‘Allow’

Note the generated PIN

Enter the PIN at the prompt in the program, and generate the Access Token.
Note down the Access Token and Access Security Token and save it safe. This will be used in the twitter client to authenticate.
Here is a sample twitter client usage in Java which uses OAuth with Consumer Key, Consumer Secret Key, Access Token and Access Security Token to authenticate with
TwitterFactory factory = new TwitterFactory();
AccessToken accessToken = new AccessToken("Access Token", "Access Security Token");
Twitter twitter = factory.getOAuthAuthorizedInstance("Consumer Key", "Consumer Secret Key", accessToken);

No comments:

Post a Comment