Archive for December, 2011

login with twitter

Posted: 16 December 2011 in Uncategorized

I am playing at a “login with twitter” feature on my dev website and so I started looking at oauth in detail.
As a first step, I read The OAuth 1.0 Guide. It’s a bit complex, but I figured a few things out from it. The principles are not really that complicated, but it relies heavily on encryptions for oauth v1.0, so i used an Apache library called SignPost that did a lot of the work. OAuth v2.0 works differently so I implemented it directly without using any libraries other than the apache HTTP client.

I then went to my twitter account and registered an application there. The purpose is simply to create two tokens (a consumer key, a consumer secret) that will identify my application to Twitter when the site visitor wants to log in.

All I had to do was to create a “login with twitter” link on my page. When I got it working, I added a “login with facebook” (using oauth v2.0), “login with google+” (using oauth v2.0), “login with linkedin” (using oauth v1.0).

Since I got going with the API at linked-in and it is my most up to date profile, I saved my access tokens and used them to truly integrate my web app with my linkedin profile and read my profile summary and headline through the API. That way, the profile page on my site contains the same information as my linked-in profile. I think I will actually create a profiles page with company CVs generated from linked-in.

Most of these APIs are Restful web services returning JSON objects or XML, so integrating with them is really easy, especially with the addition of the json java library from that creates and transforms JSON objects to and from XML.

The access tokens I retrieve from the login providers are not stored yet. To me, they should just available during the session but it does open up some interesting marketing and intelligence capabilities, such as integrating with a couple of other google APIs to do automatic customer segmentation.