First Spring Social Milestone to Integrate with Twitter, Facebook, LinkedIn and Tripit
Last week SpringSource released a first milestone for Spring Social, a Spring-based template for accessing social networking sites from within Java programs.
This first milestone includes templates for Twitter, Facebook, LinkedIn and Tripit. Rather than exposing generic, URL-based APIs, the Spring Social APIs are specifically designed for each social networking site and make integrating with those sites relatively straight forward. Each template is, in turn, built on top of Spring's RestTemplate, which is a generic template for accessing any REST-based web service.
To use Spring Social, developers:
- Manually set up a one-time developer account with the target social networking site.
- Programmatically request an OAuth token from the target social networking site for each new user.
- Instantiate the right Spring Source template (ie. TwitterTemplate), passing in their developer keys as well as the OAuth key for the current user.
- Call whatever method they like on the Spring Source template object, much like calling methods on a JdbcTemplate.
Once authorized, the application code required to manipulate a given social networking site is nearly trivial, as in the below example to get a user's LinkedIn connections:
LinkedInTemplate template = new LinkedInTemplate(developerApiKey, developerSecret, oauthAccessTokenValue, oauthAccessTokenSecret);
List <linkedinprofile> connections = template.getConnections();
Future milestones for Spring Social plan to include better documentation and more integrated management of OAuth services to store authorizations. At the moment, developers have to handle storing authorization keys somewhere and passing authorization keys to the Spring Social template. But the next Spring Social milestone will include code to make this process easier. SpringSource plans to base its ultimate OAuth solution on the code currently in Greenhouse.
Alternatives to Spring Social include using other, site-specific libraries. Twitter has the richest ecosystem of libraries like Twitter4J and others. Site-specific libraries for other sites are a little harder to come by, like the fork of Facebook's formerly official, now semi-abandoned Java API or RestFB.
Developers can also use OAuth helper libraries to do some heavy lifting and then just use the REST-like APIs of each service by directly manipulating URLs. Some popular OAuth libraries include Signpost, OAuth for Spring Security, Scribe, and others.
What does this replace?
For exampl, I am starting to develop an app that uses the new Salesforce REST API that allow OAuth2 authentication. What's a suggested approach? Try to implement a SalesforceTemplate like the ones in Spring Social using the low level API or maybe use OAuth for Spring?
A note about Greenhouse: while it does serve as a sample application, it is also hosted in production at greenhouse.springsource.org, and was used to power the recent SpringOne2gx conference in Chicago, IL, allowing members to follow the event in real-time from their mobile phones. I point this out because you'll find production quality application code you can use not only as a learning tool, but code you can look to take advantage of in your own applications.
Re: What does this replace?
#1. Spring Security OAuth, a subproject of Spring Security lead by Ryan Heaton that supports both OAuth 1 and 2 comprehensively.
#2. Scribe, a OAuth 1.0 client library lead by Pablo Fernandez with a nice API.
For your specific case, I would consider using the OAuth 2 client support in the Spring Security OAuth project. It's first milestone release under the org.springframework.security umbrella is now available as well. Yes, I would recommend implementing a SalesforceOperations API similar to what you see in Spring Social for Twitter, Facebook, LinkedIn, and TripIt. This allows you to hide the OAuth and REST details, and gives callers a clean domain-oriented API to use.
I would also recommend reviewing the "Service Provider" framework currently implemented in the Greenhouse project that provides an extensible model for registering new providers and establishing connections with them. As both Craig and Tim mentioned, this framework is being factored out from Greenhouse into Spring Social in a subsequent milestone. It makes the process of integrating a new ServiceProvider such as Salesforce into your application something like this:
1. Create an API interface/implementation for the new ServiceProvider e.g. SalesforceOperations/SalesforceTemplate.
2. Create a implementation of the ServiceProvider<S> interface e.g. SalesforceServiceProvider<SalesforceOperations>
3. Register the ServiceProvider<S> implementation with the system.
Once registered, users of your application can then establish connections to the provider. Once a connection is established, the application can then the Provider's Operations interface to invoke the API on behalf of the user.
Re: What does this replace?
However, a major focus of milestone 2 will be to bring the service provider framework in Greenhouse to Spring Social so that there is a more complete story of how OAuth details can be managed. To be a part of the Spring Social discussion, I invite you to visit the Spring Social forum at forum.springsource.org/forumdisplay.php?f=82. We want this project to be community-driven, so your input and involvement is greatly appreciated.
As the OAuth 2 is still quite new, there aren't many options available for working with OAuth 2. But I encourage you to check out Ryan Heaton's Spring Security for OAuth (static.springsource.org/spring-security/oauth/s...), as it has client support for OAuth 2 in its first milestone release. Also, be sure to visit the Spring Security for OAuth forum at forum.springsource.org/forumdisplay.php?f=79 for discussion on that topic.
Re: What does this replace?
I added spring social and oauth to my project where just yesterday I started to integrate with the brand new REST OAuth2 API for Salesforce. I'll move this discussion on the forum so maybe I will emerge with a SalesforceTemplate implementation instead of a custom one.
Sample Code on Spring Social Accessing Facebook
Paul Sydney Orozco
How Can We Use Our Creative Power and Technological Opportunity to Address the Challenges of the 21st Century?
Gyorgyi Galik Feb 26, 2015