OAuth1 standalone app sample for consumer?

[andyww]

The provided tonr sample is a web based application. The invocation is triggerred by user clicking on something through the web page. Now I have a scheduled job that needs to access other provides as a consumer. How do I do it?

In web based environment, everything is done through this:

Code:

  <oauth:consumer  resource-details-service-ref="resourceDetails" token-services-ref="tokenService" oauth-failure-page="/login/oauth_error.jsp">
    <oauth:url pattern="/user/**" resources="myService"/>
    <oauth:url pattern="/login/**" resources="none"/>
  </oauth:consumer>

I a standalone app environment, is there anyway similar to configure?

[andyww]

anyone can help?

[Dave Syer]

My last comment in https://jira.springsource.org/browse/SECOAUTH-28 shows you how you might do it with OAuth2. I don't think it's that different with OAuth1. You might also want to look at Spring Social since they have a wide variety of features for client side (consumer) support.

[andyww]

Thanks Dave. I've been through the thread and it seems it'g gonna be quite complicated in order to wirte a client that supports multi connections for a single user. Spring OAuth seems not capable for this kind of task. Looks like I have to swap to another library. Spring social looks good but it's too much about SNS. Do you have recommandations for other libraries?

[Dave Syer]

I'm not really sure what you mean by "multiple connections for a single user". Why is that any harder than a single connection, and why do you need it anyway? If you don't think the framework meets your needs feel free to raise JIRA tickets and contribute code (see README for details).

[andyww]

Sorry Dave. I saw the JIRA ticket you've mentioned and realized it's not easy for my situation. Here is my situation. I have around 2000 tokens/secrets stored in my table. When a user login to the system, he/she can connect the server by using his/her own token. When I have this configured:

Code:

<oauth:url pattern="/user/**" resources="myService"/>

When my user tries to access /user/**, the spring oauth framework will do the oauth authentication for him automatically. This is fine so far. However, I have a timer that needs to use user's token to access the oauth provider periodically. I can't seem to find a easy way to do that.

Basically if the operation is triggerd by user accesing /user/**, everything works perfectly. If the operation is trigger by a system timer, I can't see there's any simple way doing it.