I've just pushed out a new open source java OAuth library because I couldn't find one that did what I needed. My key requirement was simplicity. I didn't like the idea of using the library for HTTP stuff and there is no reason I should. Once I've obtained the Access Token all I'm doing with oAuth is signing my requests. I want to use HttpClient directly and only use the oAuth library to sign the message for various reasons not the least of which being that I already have a HttpClient object setup in my IoC container. The closest I found was signpost but it wasn't very IoC friendly or thread-safe which meant every time I wanted to make a call I'd have to create new objects, or at the very least call a bunch of methods to set them up which highlights the third problem, there were no clear objects that I could store for later. The library I've just release is a fork of the signpost code, that's now thread-safe and should be more IoC friendly. You create your method calls as you would normally, and just before you callYou'll have to send the user off to twitter to check their credentials. When they come back they'll be given a verifier set it and trade the request token for an access tokenNow you can store the accessToken to use later, when you want to simply setup your http method as you would normally.There is also code in there for the Jetty HttpClient, but it's a bit rough and I haven't used it. Have play with it and let me know what you think. UPDATE: Forgot to link to it... Dumb. It's on GitHub here.
OAuthConsumer.sign(HttpMethod, AccessToken);. I've added a few new objects that handle most of the work. Service, RequestToken and AccessToken are all beans that you pass to a consumer depending on what you want to do. Starting with a Service you call
Service service = new Service(); service.setRequestTokenUrl("http://twitter.com/oauth/request_token"); service.setAccessTokenUrl("http://twitter.com/oauth/access_token"); service.setConsumerKey("b8sA385mBBNqOTD6Omlsw"); service.setSharedSecret("MD4Sve6AdaDasjdvOAsbpAJsA87S8s64e5rE4"); service.setMessageSigner(new PlainTextMessageSigner()); service.setSigningStrategy(new AuthorizationHeaderSigningStrategy()); RequestToken requestToken = oAuthConsumer.getRequestToken(twitter);
requestToken.setVerifier(verifier): AccessToken accessToken = oAuthConsumer.getAccessToken(requestToken);
HttpUriRequest request... // do your HttpClient stuff here oAuthConsumer.sign(request, accessToken); HttpResponse response = httpClient.execute(request);