You are looking at documentation for an older release. Not what you want? See the current release documentation.
The interface OAuthProvider is a part of our public API. It is the entry point to perform operations on OAuth providers (social networks).
Please refer to OAuth section for details about the configuration of eXo Platform which is necessary to use OAuth providers (Facebook, Google, Twitter) for authentication of users. Once a user is logged in (or his account is linked with OAuth provider), his access token is saved in eXo Platform IDM database as a part of his User Profile. Then it is possible to retrieve his OAuth access token via OAuthProvider interface and run its operations. It is also possible to revoke or validate existing access tokens or send request to obtain new access tokens with more scopes (privileges).
Retrieve an Instance of OAuthProvider
First, you need to retrieve the appropriate instance of OAuthProvider from Portal:
Portal portal = PortalRequest.getInstance().getPortal();
OAuthProvider facebookProvider = portal.getOAuthProvider(OAuthProvider.FACEBOOK)
Currently eXo Platform supports three OAuth providers:
OAuthProvider.FACEBOOK for Facebook.
OAuthProvider.GOOGLE for Google+.
OAuthProvider.TWITTER for Twitter.
The following snippet shows some basic use of OAuthProvider API:
// Retrieve instance of Google OAuth provider
OAuthProvider googleProvider = PortalRequest.getInstance().getPortal().getOAuthProvider(OAuthProvider.GOOGLE);
// Check if Google was enabled in configuration.properties
if (googleProvider == null) {
renderResp.getWriter().println("Authentication with Google not available. See OAuth section in Reference Guide for how to enable it");
return;
}
// Retrieve the key and display name of the social network
String key = googleProvider.getKey();
String friendlyName = googleProvider.getFriendlyName();
renderResp.getWriter().println(friendlyName + " is enabled");
// Retrieve access token of the current user
AccessToken accessToken = googleProvider.loadAccessToken(renderReq.getRemoteUser());
// Check if access token is available. It's the case when this user was registered/authenticated into portal
// through Google+ or if he linked his account with Google+
if (accessToken == null) {
renderResp.getWriter().println("Your account is not linked with Google+. You can link it in 'Social network' tab of " +
"user settings or you can authenticate through Google into portal");
return;
}
// Check if access token is valid and refresh it if necessary
try {
accessToken = googleProvider.validateTokenAndUpdateScopes(accessToken);
} catch (OAuthApiException oauthException) {
if (oauthException.getExceptionCode().equals(OAuthApiExceptionCode.ACCESS_TOKEN_ERROR)) {
renderResp.getWriter().println("Your access token is invalid or has been revoked");
} else if (oauthException.getExceptionCode().equals(OAuthApiExceptionCode.IO_ERROR)) {
renderResp.getWriter().println("Network error during the communication with Google");
}
}
// Check all available scopes
String availableScopes = accessToken.getAvailableScopes();
// Check if we have scope to call Google+ operations
if (!availableScopes.contains("https://www.googleapis.com/auth/plus.login")) {
// Redirect to Google+ and ask for plus.login scope
googleProvider.startOAuthWorkflow("https://www.googleapis.com/auth/plus.login");
return;
}
// Obtain Google API object to call Google plus API operations
Plus service = googleProvider.getAuthorizedSocialApiObject(accessToken, Plus.class);
// Retrieve activities from Google+ wall of user
ActivityFeed activityFeed = service.activities().list("me", "public").execute();
for (Activity activity : activityFeed.getItems()) {
renderResp.getWriter().println(activity.getTitle());
}
// Revoke the access token. It won't be possible to run any operations with it anymore.
// And your application will be cleared from Google applications of current user on page https://plus.google.com/apps
googleProvider.revokeToken(accessToken);
// Remove the token from the UserProfile of the current user
googleProvider.removeAccessToken(request.getRemoteUser());
Access to Provider-Specific Operations
Method
<!-- <br/> --><span class="java_plain">oauthProvider</span><!-- <br/> --><span class="java_separator">.</span><!-- <br/> --><span class="java_plain">getAuthorizedSocialApiObject</span><!-- <br/> --><span class="java_separator">()</span>
is useful for obtaining access to provider-specific operations. This method usually returns objects from a 3rd party library. Those objects are always initialized with access token of the current user and can be used to retrieve data from the related social network.
Google: There are two supported types usable as arguments of this method:
com.google.api.services.plus.Plus : Google Plus API class, which can be used to call operations on Google Plus. See GoogleActivitiesPortlet and GoogleFriendsPortlet in Social Portlets example.
com.google.api.services.oauth2.Oauth2: Oauth2 class, which provides operations related to user, such as obtaining his Google user profile details or obtaining information about his access token. See GoogleUserInfoPortlet in Social Portlets example.
Twitter: There is only one supported type for Twitter: twitter4j.Twitter. An instance of this class can be used e.g. to retrieve user details, number of his tweets, number of his friends, his last tweets, etc. See TwitterPortlet in Social Portlets example.
Facebook: There is no supported type for Facebook. In Social Portlets example, we are using the 3rd party library RestFB directly to perform operations against Facebook.