Announcement Announcement Module
No announcement yet.
Social without any authentication or authorization (one time auth) Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Social without any authentication or authorization (one time auth)


    I have a requirement whereby I need to implement connection with Fb/Tw etc using a one time authorization. I need to setup some widgets within a website which would always display feeds for a particular user - user1. One who visits the site does not need to sign in with his/her own id and seek for authorization since user1's id has already authorized that website app to be used for user1's contents.

    I see I can remove providerSignInController to get this feature but how do I authorize at least once? How do I define the userIdSource to be statically set?

    Assistance will be appreciated.


  • #2
    Looks like I need to inject & setup the h2 database with some initial dataset for user1. So far, I have written some code to check if user1 account is available, if not then it will be created one time. Following which, I am setting the SecurityContextHolder authentication explicitly for this user. Am I on the right track and what minimum dataset do i require?


    • #3
      If this is a one-time, one-user-only kinda thing, all you need to do is obtain the access token through some means and just create the TwitterTemplate and/or FacebookTemplate given that token. You don't need the connection framework to do all of that.

      Assuming that this one user is you, you can get a Twitter access token from your application's details page at For Facebook you can get one by using their Graph API Explorer (the only challenge is that the token will expire and you'll have to occasionally go get a new one).


      • #4
        Thanks Craig.

        Do I need to explicitly create these objects or the EnableTwitter etc annotations can do it for me? Looks like these expect more than just the token/key?

        Any showcase example which can show the way?


        • #5
          If you're just wanting to create a FacebookTemplate and TwitterTemplate (and don't need to go through the connection framework), then you can just create them on your own. No need for @EnableXXX annotations.


          • #6
            Thankyou Craig.

            What are my options if I do not want to have it expire every few days and have a persistent authorization against my website for fb/tw? Do I then need to use the connections framework and persist the connections in the in-memory database?


            • #7
              Additionally, I tried using just the template but get the below error. Do I need to create the FacebookConnectionFactory first and then use it to create a template?

              May 4, 2013 9:28:28 PM org.springframework.web.client.RestTemplate handleResponseError
              WARNING: GET request for "" resulted in 400 (Bad Request); invoking error handler
              May 4, 2013 9:28:29 PM org.apache.catalina.core.StandardWrapperValve invoke
              SEVERE: Servlet.service() for servlet appServlet threw exception
     eption: Authorization is required for the operation, but the API binding was created without authorization.
              at ookErrorHandler.handleFacebookError(FacebookErrorH
              at ookErrorHandler.handleError(FacebookErrorHandler.j ava:60)
              at org.springframework.web.client.RestTemplate.handle ResponseError(
              at org.springframework.web.client.RestTemplate.doExec ute(
              at org.springframework.web.client.RestTemplate.execut e(
              at org.springframework.web.client.RestTemplate.getFor Object(
              at ookTemplate.fetchConnections( :185)
              at ookTemplate.fetchConnections( :179)
              at dTemplate.getFriends(
              at dTemplate.getFriends(


              • #8
                I was able to get a connection with a fixed set of values - primarily my facebook id, url, access token, expiration time of the token etc. Following this, I was able to use the same connection object to build the facebook, twitter templates with their own access id & secret keys. Subsequently, using the templates to do operations on the facebook & twitter api was a cakewalk.

                thanks for all the help here!


                • #9
                  Sounds like you've got it all sorted out now, but just to be clear on the exception you got when invoking the getFriends() method. It looks like you constructed FacebookTemplate through its default constructor. There is a *VERY* limited number of operations you can perform in that mode and asking for friends is not one of them. You must construct it with an access token or else you'll get that same exception on many of the operations.


                  • #10
                    Yes Craig. I figured that I needed to pass in the required tokens to build the template. thanks!


                    • #11
                      Hi habuma i would like to thank you for giving such a clear idea and concepts. @Yassar- Never the less ,you efforts are very marvelous , wonderful.