JavaFX + OAuth


As usual will start off with Wikipedia – OAuth (Open Authorization) – is an open standard that allows users to share their private resources (e.g. photos, videos, contact lists) stored on one site with another site without having to hand out their username and password. With more and more services moving to OAuth model, I think we need to try to have a generic implementation. Here is an attempt…

I prefer not to duplicate all those details available in various resources, so suggest to read few articles if you are not familiar with concepts of OAuth. Yahoo has a very detailed article outlining the flow of OAuth authorization or Beginner’s Guide to OAuth from Hueniverse. Please refer to same for more info..

You can try out yourself with demo below. You need to get consumer-key and consumer-secret from respective service providers – Twitter, LinkedIn or Yahoo


To launch click on above image or

First enter oauth_consumer_key and oauth_secret_key, click “Request Token” button. If key is proper, you will receive a message in log with a URL. Copy and paste that URL in browser and follow the instructions. Once you grant access to your application, it will return a number. Copy the number and paste it as oauth_verifier. Now click on “Access Token” button. It will return you oauth_token and oauth_token_secret which can be used for all subsequent communication.

Yes its a bit difficult to understand the overall flow and implementation. I have tried my best to simplify it. The API may be simplified a bit more. I have signed up for contributing to JFXtras long time back, but haven’t done anything yet. My objective was to pull in the various parsers that are used in different samples and create a library. I think all these can be incorporated into that…

Usage:


def oauthAPI = OAuthAPI.getInstance(
    <Service-Provider>, 
    <oauth_consumer_key>,
    <oauth_consumer_secret>
);

// Request Token Callback
oauthAPI.onRequestToken = function(response:String: Void {

}

// Access Token Callback
oauthAPI.onAccessToken = function(response:String: Void {

}

// Request Token
oauthAPI.requestToken();

// Access Token
oauthAPI.accessToken(<oauth_verifier>);
 

Refer to LinkedInAPI.fx to get an idea on how we can extend the implementation to have fulll fledged support.

Please try it out and let me know your suggestions and feedback..

Advertisements

About Rakesh Menon
-

9 Responses to JavaFX + OAuth

  1. alexsentcha says:

    Hi Rakesh,

    Little question.
    How did you do this green text box with the program inside? For wordpress.com?

    Thanks in advance!

    • Rakesh Menon says:

      Its provided by Freshy wordpress theme. If I specify code with in <div align=”left” class=”java”>….</div> it displays that background with line numbers.

  2. Pingback: JavaFX links of the week, April 19 // JavaFX News, Demos and Insight // FX Experience

  3. Pingback: Java desktop links of the week, April 19 | Jonathan Giles

  4. Jumpa says:

    Hi Rakesh,
    very useful post, I was getting an headache tryin’ to understand the whole stuff.
    Consider that for my IT Bachelor I’ve to develop two RIA using JavaFX: the first on Facebook and the second on Twitter. Thanks to your posts and your source code I had almost finished the second one, integrating on that, Twitter4J library and adding streaming feature, but then the nightmare: Both Facebook and Twitter passed to OAuth and Facebook changed its REST API.
    Anyway the not-so-smart question is: let’s suppose that I successfully get the two oauth_token (normal and secret one) the first time I ask them from the user: what’s the idea for the second (and so on) access? Have I to ask for (in Twitter case) screenName or id and search in a RDBMS if I have tokens for that? Many thanks for the attention and sorry for my poor english.

    • Rakesh Menon says:

      @ Jumpa I think there is some misunderstanding here, you will not request user to provide normal/secret key. Its just for use by application. You will only request the user to visit the generated URL and provide permission for your application to access the details. After this it will show some numbers, which is copied and pasted in application as oauth_verifier (This is the only information provided by user). So user’s of your application is not required to generate any keys, they just need to provide permission for your application to access their profile.

  5. Jumpa says:

    Sorry I’ve not explained well what I mean.
    Naturally, normal and secret key are not managed by the user, that only insert back in the app a 7 digits PIN. Question is: once that the application has been correctly authorized the first time, next time how can I identify the same user? Have I to request the PIN back again and repeat the whole process?

    • Rakesh Menon says:

      @Jumpa I think the timeout depends on the service provider. Some service provide indefinite access. Will have to check with corresponding documentation. Yes, will have to go through entire validation process, if it times-out or user logs-out.

  6. Pingback: « Java, JavaFX and beyond…

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: