0

I am developing Spring MVC + Apache Oltu + Twitter example. In this example, I created a client Id and Secrete from the link : https://apps.twitter.com/app/new by registering/creating the application there. Now with the help of ClientId and Secrete I want to call the REST API of Twitter. I also followed the link to get the scope https://developers.artsy.net/docs/authentication.

I used the following parameters in my application:

AUTHORIZATION_URL = "https://api.twitter.com/oauth/authorize";
CLIENT_ID = "RSvE3qVXXXXXXXXXXXXXXXX";
CLIENT_SECRET = "nKEWRoOcXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
REDIRECT_URL = "http://localhost:8080/apache-oltu/twitter/redirect";
ACCESS_TOKEN_URL = "https://api.twitter.com/oauth/access_token";

The clientId and secrete I not showing here correctly for security purpose. Now when I call my controller I see the following error from twitter.

enter image description here

My controller is actually redirecting to :

https://api.twitter.com/oauth/authorize?scope=offline_access&response_type=code&redirect_uri=
http%3A%2F%2Flocalhost%3A8080%2Fapache-oltu%2Ftwitter%2Fredirect&client_id=RSvE3qV6Hxfdgv39RJIjDvhhc

Please guide/ help me what is going wrong here. Any help ?

Is the scope=offline_access is correct ? I've shared some code from my 

controller:
@Controller
@RequestMapping("/twitter")
public class TwitterController {
    private static final Logger LOGGER = LoggerFactory.getLogger(TwitterController.class);

    private static final String AUTHORIZATION_URL = "https://api.twitter.com/oauth/authorize";
    private static final String CLIENT_ID = "RSvE3qVXXXXXXXXXXXXXXXXXXXXXX";
    private static final String CLIENT_SECRET = "nKEWRoXXXXXXXXXXXXXXXXXXXXXXXXXX";
    private static final String REDIRECT_URL = "http://localhost:8080/apache-oltu/twitter/redirect";
    private static final String ACCESS_TOKEN_URL = "https://api.twitter.com/oauth/access_token";

    @RequestMapping(value = "/auth", method = RequestMethod.GET)
    public String authenticate() throws OAuthSystemException {
        OAuthClientRequest request = OAuthClientRequest
                .authorizationLocation(AUTHORIZATION_URL)
                .setClientId(CLIENT_ID)
                .setRedirectURI(REDIRECT_URL)
                .setResponseType("code")
                .setScope("offline_access")
                .buildQueryMessage();

        System.out.println("REDIRECT TO: "+request.getLocationUri());
        return "redirect:" + request.getLocationUri();
    }

    @RequestMapping(value = "/redirect", method = RequestMethod.GET)
    public HttpEntity<String> redirect(@RequestParam(value = "code", required = false) String code) throws OAuthSystemException, OAuthProblemException {
        String value = "UNKNOWN";

        if (code != null && code.length() > 0) {
            System.out.println("Received CODE: "+code);
            getAccessToken(code);
            value = code;
        }

        return new ResponseEntity<String>(value,HttpStatus.OK);
    }
..........................
.........................
}

Any help ?

1 Answers1

0

Refer to this doc. https://dev.twitter.com/web/sign-in/implementing

I believe you need to call Request token URL (https://api.twitter.com/oauth/request_token) to get the oauth_token before calling Authorize URL (https://api.twitter.com/oauth/authorize).

It is extra step and other OAuth providers...

songjing
  • 545
  • 4
  • 22