Spring Social brings Social Connectivity to Java
Today's release of SpringSocial 1.0 brings a standardised way to connect to social providers under a consistent API. The providers supported for the initial release include connectivity to Twitter, Facebook, GitHub and Trippit, and includes an SPI for other providers to be added.
The goal of SpringSocial is to provide programmatic access to social oriented sites (those that deal with a 'status' or have other ways of exchanging messages). It can also be used to provide a sign-in controller which allows the user to sign in with their Facebook/Twitter handle rather than having to have a dedicated authentication provider.
Since many of these sites use OAuth to provide authentication, the primary use case for SpringSocial is in a web-based application that can perform the web redirects necessary to authenticate a user in a web flow. For example, an on-line shopping application might allow a user to sign in with their Facebook credentials and provide a means to post offers to that site.
However, not all providers use the same variation of OAuth. There are three versions of OAuth in use; 1.0, 1.0a and 2.0 – and a variety of providers use different flavours. The SpringSocial core SPI has means for talking across these dialects, and each provider (Twitter, Facebook) has the definitions built-in to allow connectivity for that specific provider. (The 1.0 and 1.0a are almost identical, but the latter fixes a security bug which uses the OAuth key to sign the originating domain as well as the request, not just the URL.)
A variety of quick start documentation and samples are available. SpringSocial 1.0 requires Spring Core 3.0.5 or greater, although Spring Core 3.1 is recommended. It is available for immediate download, or can be added to a project by adding Maven dependencies.
Martin Thompson Jul 27, 2014