# OAuth 1.0a Provider APIs

OAuth 1.0a provider implementations for legacy OAuth providers that use the three-legged authorization flow with request tokens and signature-based authentication. All OAuth 1.0a APIs extend `DefaultApi10a` and follow the singleton pattern.

## Capabilities

### Twitter API

Twitter OAuth 1.0a API with standard authorization and an "authenticate" variant for a friendlier user experience.

```java { .api }
public class TwitterApi extends DefaultApi10a {
    public static TwitterApi instance();
    public String getAccessTokenEndpoint(); // https://api.twitter.com/oauth/access_token
    public String getRequestTokenEndpoint(); // https://api.twitter.com/oauth/request_token
    public String getAuthorizationBaseUrl(); // https://api.twitter.com/oauth/authorize

    // Nested class for friendlier authorization flow
    public static class Authenticate extends TwitterApi {
        public static Authenticate instance();
        public String getAuthorizationBaseUrl(); // https://api.twitter.com/oauth/authenticate
    }
}
```

**Usage Example:**

```java
// Standard Twitter OAuth
OAuth10aService service = new ServiceBuilder("consumer_key")
    .apiSecret("consumer_secret")
    .callback("http://localhost:8080/callback")
    .build(TwitterApi.instance());

// Twitter authentication variant (friendlier UI)
OAuth10aService authService = new ServiceBuilder("consumer_key")
    .apiSecret("consumer_secret")
    .callback("http://localhost:8080/callback")
    .build(TwitterApi.Authenticate.instance());

// OAuth 1.0a flow
OAuth1RequestToken requestToken = service.getRequestToken();
String authUrl = service.getAuthorizationUrl(requestToken);
// After user authorization, pass the oauth_verifier value returned to the callback
// ("oauth_verifier" below is a placeholder for that value)
OAuth1AccessToken accessToken = service.getAccessToken(requestToken, "oauth_verifier");
```

### Yahoo APIs

Yahoo OAuth 1.0a and 2.0 APIs for Yahoo services.

```java { .api }
public class YahooApi extends DefaultApi10a {
    public static YahooApi instance();
    public String getAccessTokenEndpoint(); // https://api.login.yahoo.com/oauth/v2/get_token
    public String getRequestTokenEndpoint(); // https://api.login.yahoo.com/oauth/v2/get_request_token
    public String getAuthorizationBaseUrl(); // https://api.login.yahoo.com/oauth/v2/request_auth
}

// OAuth 2.0 version also available
public class YahooApi20 extends DefaultApi20 {
    public static YahooApi20 instance();
    public String getAccessTokenEndpoint(); // https://api.login.yahoo.com/oauth2/token
    protected String getAuthorizationBaseUrl(); // https://api.login.yahoo.com/oauth2/authorize
}
```

### Photo and Media APIs

OAuth 1.0a APIs for photo sharing and media platforms.

```java { .api }
public class FlickrApi extends DefaultApi10a {
    public static FlickrApi instance();
    public String getAccessTokenEndpoint(); // https://www.flickr.com/services/oauth/access_token
    public String getRequestTokenEndpoint(); // https://www.flickr.com/services/oauth/request_token
    public String getAuthorizationBaseUrl(); // https://www.flickr.com/services/oauth/authorize
}

public class TumblrApi extends DefaultApi10a {
    public static TumblrApi instance();
    public String getAccessTokenEndpoint(); // https://www.tumblr.com/oauth/access_token
    public String getRequestTokenEndpoint(); // https://www.tumblr.com/oauth/request_token
    public String getAuthorizationBaseUrl(); // https://www.tumblr.com/oauth/authorize
}
```

### Business and Productivity APIs

OAuth 1.0a APIs for business and productivity platforms.

```java { .api }
public class TrelloApi extends DefaultApi10a {
    public static TrelloApi instance();
    public String getAccessTokenEndpoint(); // https://trello.com/1/OAuthGetAccessToken
    public String getRequestTokenEndpoint(); // https://trello.com/1/OAuthGetRequestToken
    public String getAuthorizationBaseUrl(); // https://trello.com/1/OAuthAuthorizeToken
}

public class EtsyApi extends DefaultApi10a {
    public static EtsyApi instance();
    public String getAccessTokenEndpoint(); // https://openapi.etsy.com/v2/oauth/access_token
    public String getRequestTokenEndpoint(); // https://openapi.etsy.com/v2/oauth/request_token
    public String getAuthorizationBaseUrl(); // https://www.etsy.com/oauth/signin
}

public class LinkedInApi extends DefaultApi10a {
    public static LinkedInApi instance();
    public String getAccessTokenEndpoint(); // https://api.linkedin.com/uas/oauth/accessToken
    public String getRequestTokenEndpoint(); // https://api.linkedin.com/uas/oauth/requestToken
    public String getAuthorizationBaseUrl(); // https://www.linkedin.com/uas/oauth/authenticate
}
```

### Location and Social APIs

OAuth 1.0a APIs for location services and social platforms.

```java { .api }
public class FoursquareApi extends DefaultApi10a {
    public static FoursquareApi instance();
    public String getAccessTokenEndpoint(); // https://foursquare.com/oauth/access_token
    public String getRequestTokenEndpoint(); // https://foursquare.com/oauth/request_token
    public String getAuthorizationBaseUrl(); // https://foursquare.com/oauth/authorize
}

public class MeetupApi extends DefaultApi10a {
    public static MeetupApi instance();
    public String getAccessTokenEndpoint(); // https://api.meetup.com/oauth/access/
    public String getRequestTokenEndpoint(); // https://api.meetup.com/oauth/request/
    public String getAuthorizationBaseUrl(); // https://secure.meetup.com/oauth/authorize/
}

public class ViadeoApi extends DefaultApi10a {
    public static ViadeoApi instance();
    public String getAccessTokenEndpoint(); // https://secure.viadeo.com/oauth-provider/access_token
    public String getRequestTokenEndpoint(); // https://secure.viadeo.com/oauth-provider/request_token
    public String getAuthorizationBaseUrl(); // https://secure.viadeo.com/oauth-provider/authorize
}

public class XingApi extends DefaultApi10a {
    public static XingApi instance();
    public String getAccessTokenEndpoint(); // https://api.xing.com/v1/access_token
    public String getRequestTokenEndpoint(); // https://api.xing.com/v1/request_token
    public String getAuthorizationBaseUrl(); // https://www.xing.com/v1/authorize
}
```

### Regional and Other APIs

OAuth 1.0a APIs for regional platforms and other services.

```java { .api }
public class SinaWeiboApi extends DefaultApi10a {
    public static SinaWeiboApi instance();
    public String getAccessTokenEndpoint(); // https://api.weibo.com/oauth/access_token
    public String getRequestTokenEndpoint(); // https://api.weibo.com/oauth/request_token
    public String getAuthorizationBaseUrl(); // https://api.weibo.com/oauth/authorize
}

public class AWeberApi extends DefaultApi10a {
    public static AWeberApi instance();
    public String getAccessTokenEndpoint(); // https://auth.aweber.com/1.0/oauth/access_token
    public String getRequestTokenEndpoint(); // https://auth.aweber.com/1.0/oauth/request_token
    public String getAuthorizationBaseUrl(); // https://auth.aweber.com/1.0/oauth/authorize
}

// Note: unlike the other providers listed here, these endpoints use plain http://
public class DiggApi extends DefaultApi10a {
    public static DiggApi instance();
    public String getAccessTokenEndpoint(); // http://services.digg.com/oauth/access_token
    public String getRequestTokenEndpoint(); // http://services.digg.com/oauth/request_token
    public String getAuthorizationBaseUrl(); // http://digg.com/oauth/authenticate
}
```

## Complete OAuth 1.0a Provider List

All extend `DefaultApi10a` and use the `instance()` singleton pattern:

- `AWeberApi` - AWeber email marketing
- `DiggApi` - Digg social news aggregation
- `EtsyApi` - Etsy marketplace
- `FlickrApi` - Flickr photo sharing
- `FoursquareApi` - Foursquare location services (legacy)
- `LinkedInApi` - LinkedIn professional network (legacy)
- `MeetupApi` - Meetup event platform (legacy)
- `SinaWeiboApi` - Sina Weibo Chinese microblog (legacy)
- `TrelloApi` - Trello project management
- `TumblrApi` - Tumblr blogging platform
- `TwitterApi` - Twitter microblogging (includes Authenticate variant)
- `ViadeoApi` - Viadeo professional network
- `XingApi` - Xing professional network
- `YahooApi` - Yahoo services (legacy)

## Common Usage Patterns

### Standard OAuth 1.0a Flow

```java
import com.github.scribejava.core.builder.ServiceBuilder;
import com.github.scribejava.core.model.OAuth1AccessToken;
import com.github.scribejava.core.model.OAuth1RequestToken;
import com.github.scribejava.core.model.OAuthRequest;
import com.github.scribejava.core.model.Response;
import com.github.scribejava.core.model.Verb;
import com.github.scribejava.core.oauth.OAuth10aService;

// 1. Create service (ProviderApi is a placeholder for one of the API classes above)
OAuth10aService service = new ServiceBuilder("consumer_key")
    .apiSecret("consumer_secret")
    .callback("http://localhost:8080/callback")
    .build(ProviderApi.instance());

// 2. Get request token
OAuth1RequestToken requestToken = service.getRequestToken();

// 3. Get authorization URL
String authUrl = service.getAuthorizationUrl(requestToken);

// 4. Exchange request token + verifier for access token
//    ("oauth_verifier" is a placeholder for the verifier value returned to the callback)
OAuth1AccessToken accessToken = service.getAccessToken(requestToken, "oauth_verifier");

// 5. Make authenticated requests
OAuthRequest request = new OAuthRequest(Verb.GET, "https://api.provider.com/user");
service.signRequest(accessToken, request);
Response response = service.execute(request);
```

### Twitter Authentication vs Authorization

```java
// Standard authorization - shows permissions screen every time
OAuth10aService service = new ServiceBuilder("consumer_key")
    .apiSecret("consumer_secret")
    .build(TwitterApi.instance());

// Authentication variant - friendlier UI, skips permissions if already granted
OAuth10aService authService = new ServiceBuilder("consumer_key")
    .apiSecret("consumer_secret")
    .build(TwitterApi.Authenticate.instance());
```

## Key Differences from OAuth 2.0

### Request Token Step

OAuth 1.0a requires an additional request token step before authorization:

1. Get request token from provider
2. Redirect user to authorization URL with request token
3. Exchange request token + verifier for access token

### Signature-Based Authentication

OAuth 1.0a uses cryptographic signatures instead of bearer tokens:

- Requests are signed using consumer secret and token secret
- No separate authentication header needed
- More complex but more secure against token interception

### No Refresh Tokens

OAuth 1.0a access tokens typically don't expire and cannot be refreshed:

- Access tokens are long-lived
- No automatic token refresh mechanism
- Re-authorization required if token becomes invalid