Apr 6th, 2011, 06:23 PM
I'm looking to replace the AccessTokenProcessingFilter with an implementation that allows for XAuth as defined by Twitter. Since there is never any request or authorization made for access, I created a filter to check for the existence of x_auth_username, x_auth_password, and x_auth_mode, force require1.0a to false (since there is no request token involved) and I then authenticate the username/password combo, replace the ConsumerDetails with the UserDetails. I am unable to test this due to the fact that I cannot replace the filter. Is there some other better way to do this?
Apr 6th, 2011, 07:05 PM
I was able to replace the filter by creating a BeanPostProcessor. However, is there some way with the current filters to implement an xAuth scenario (consumer asks user for username and password, then makes a request for an access token with those credentials, then receives an access token and secret, and then uses that token and secret for all operations)?
Apr 11th, 2011, 12:15 PM
OAuth 2 has a defined flow for that, but Twitter might be waiting for the finalization of the spec before implementing it...