This is related to my previous article about sending tweets to twitter.com from Oracle Fusion SOA Web Service application. Refer
http://sreenisetty.blogspot.com/2010/05/tweet-from-ofm-soa.html
The SOA Web Service application prototype I had built was using the basic authentication using user name and password while connecting to the twitter.com user account.
Effective August 2010, Twitter has disabled the applications posting tweets using basic authentication. Basic authentication was the simple approach for applications to connect to the Twitter User Accounts using just the user name and password. But may not be the smartest way to connect given the security and account maintenance challenges.
OAuth based authentication is the recommended approach. All of the applications using the basic authentication need to switch to OAuth authentication.
This write up is the record of the steps I followed to switch my Fusion SOA Web Service tweet application that was using basic authentication to OAuth based authentication.
Summary steps:
Step 1: Register the application that tweets using an API. This is to register the application as a authorized source of tweets related to the Twitter User Account.
Step 2: Obtain OAuth Access Token.
Step 3: Update the client application API to use the Access Token instead of the basic user name and password.
Following sections details about each of these steps.
Register the application for OAuth access and obtain the Consumer Key and Consumer Secret Key
Open the link in a browser: http://twitter.com/oauth_clients/new
Enter the application details to obtain OAuth specific access.
Twitter generates Consumer Key and Consumer Secret Key for the associated Twitter user account. The keys will be used to obtain Access Token in the next steps.
Obtain the Access Token for OAuth
It is a three level process.
1. Generate Authorization URL
2. Obtain PIN
3. Generate Access Token
The code to perform this one time setup is: OAuthSetup.java
The code output:
C:\>java OAuthSetup
Open the following URL and grant access to your account:
http://api.twitter.com/oauth/authorize?auth_token=Vy8qPu0hWf5iFK4q4yCuQBQpOd9Xpjgd8qj98saULP
Open the URL in the browser
Enter the twitter account user name and password and select ‘Allow’
Note the generated PIN
Enter the PIN at the prompt in the OAuthSetup.java program, and generate the Access Token.
Note down the Access Token and Access Security Token and save it safe. This will be used in the twitter client to authenticate.
Here is a sample twitter client usage in Java which uses OAuth with Consumer Key, Consumer Secret Key, Access Token and Access Security Token to authenticate with twitter.com.
TwitterFactory factory = new TwitterFactory();
AccessToken accessToken = new AccessToken("Access Token", "Access Security Token");
Twitter twitter = factory.getOAuthAuthorizedInstance("Consumer Key", "Consumer Secret Key", accessToken);