tessl/maven-com-github-scribejava--scribejava-apis
OAuth client library APIs for 50+ major OAuth 1.0a and 2.0 providers
—
Pending
oauth1a-providers.mddocs/
OAuth 1.0a Provider APIs
OAuth 1.0a provider implementations for legacy OAuth providers that use the three-legged authorization flow with request tokens and signature-based authentication. All OAuth 1.0a APIs extend DefaultApi10a and follow the singleton pattern.
Capabilities
Twitter API
Twitter OAuth 1.0a API with standard authorization and "authenticate" variant for friendlier user experience.
public class TwitterApi extends DefaultApi10a {
public static TwitterApi instance();
public String getAccessTokenEndpoint(); // https://api.twitter.com/oauth/access_token
public String getRequestTokenEndpoint(); // https://api.twitter.com/oauth/request_token
public String getAuthorizationBaseUrl(); // https://api.twitter.com/oauth/authorize
// Nested class for friendlier authorization flow
public static class Authenticate extends TwitterApi {
public static Authenticate instance();
public String getAuthorizationBaseUrl(); // https://api.twitter.com/oauth/authenticate
}
}Usage Example:
// Standard Twitter OAuth
OAuth10aService service = new ServiceBuilder("consumer_key")
.apiSecret("consumer_secret")
.callback("http://localhost:8080/callback")
.build(TwitterApi.instance());
// Twitter authentication variant (friendlier UI)
OAuth10aService authService = new ServiceBuilder("consumer_key")
.apiSecret("consumer_secret")
.callback("http://localhost:8080/callback")
.build(TwitterApi.Authenticate.instance());
// OAuth 1.0a flow
OAuth1RequestToken requestToken = service.getRequestToken();
String authUrl = service.getAuthorizationUrl(requestToken);
// After user authorization...
OAuth1AccessToken accessToken = service.getAccessToken(requestToken, "oauth_verifier");Yahoo APIs
Yahoo OAuth 1.0a and 2.0 APIs for Yahoo services.
public class YahooApi extends DefaultApi10a {
public static YahooApi instance();
public String getAccessTokenEndpoint(); // https://api.login.yahoo.com/oauth/v2/get_token
public String getRequestTokenEndpoint(); // https://api.login.yahoo.com/oauth/v2/get_request_token
public String getAuthorizationBaseUrl(); // https://api.login.yahoo.com/oauth/v2/request_auth
}
// OAuth 2.0 version also available
public class YahooApi20 extends DefaultApi20 {
public static YahooApi20 instance();
public String getAccessTokenEndpoint(); // https://api.login.yahoo.com/oauth2/token
protected String getAuthorizationBaseUrl(); // https://api.login.yahoo.com/oauth2/authorize
}Photo and Media APIs
OAuth 1.0a APIs for photo sharing and media platforms.
public class FlickrApi extends DefaultApi10a {
public static FlickrApi instance();
public String getAccessTokenEndpoint(); // https://www.flickr.com/services/oauth/access_token
public String getRequestTokenEndpoint(); // https://www.flickr.com/services/oauth/request_token
public String getAuthorizationBaseUrl(); // https://www.flickr.com/services/oauth/authorize
}
public class TumblrApi extends DefaultApi10a {
public static TumblrApi instance();
public String getAccessTokenEndpoint(); // https://www.tumblr.com/oauth/access_token
public String getRequestTokenEndpoint(); // https://www.tumblr.com/oauth/request_token
public String getAuthorizationBaseUrl(); // https://www.tumblr.com/oauth/authorize
}Business and Productivity APIs
OAuth 1.0a APIs for business and productivity platforms.
public class TrelloApi extends DefaultApi10a {
public static TrelloApi instance();
public String getAccessTokenEndpoint(); // https://trello.com/1/OAuthGetAccessToken
public String getRequestTokenEndpoint(); // https://trello.com/1/OAuthGetRequestToken
public String getAuthorizationBaseUrl(); // https://trello.com/1/OAuthAuthorizeToken
}
public class EtsyApi extends DefaultApi10a {
public static EtsyApi instance();
public String getAccessTokenEndpoint(); // https://openapi.etsy.com/v2/oauth/access_token
public String getRequestTokenEndpoint(); // https://openapi.etsy.com/v2/oauth/request_token
public String getAuthorizationBaseUrl(); // https://www.etsy.com/oauth/signin
}
public class LinkedInApi extends DefaultApi10a {
public static LinkedInApi instance();
public String getAccessTokenEndpoint(); // https://api.linkedin.com/uas/oauth/accessToken
public String getRequestTokenEndpoint(); // https://api.linkedin.com/uas/oauth/requestToken
public String getAuthorizationBaseUrl(); // https://www.linkedin.com/uas/oauth/authenticate
}Location and Social APIs
OAuth 1.0a APIs for location services and social platforms.
public class FoursquareApi extends DefaultApi10a {
public static FoursquareApi instance();
public String getAccessTokenEndpoint(); // https://foursquare.com/oauth/access_token
public String getRequestTokenEndpoint(); // https://foursquare.com/oauth/request_token
public String getAuthorizationBaseUrl(); // https://foursquare.com/oauth/authorize
}
public class MeetupApi extends DefaultApi10a {
public static MeetupApi instance();
public String getAccessTokenEndpoint(); // https://api.meetup.com/oauth/access/
public String getRequestTokenEndpoint(); // https://api.meetup.com/oauth/request/
public String getAuthorizationBaseUrl(); // https://secure.meetup.com/oauth/authorize/
}
public class ViadeoApi extends DefaultApi10a {
public static ViadeoApi instance();
public String getAccessTokenEndpoint(); // https://secure.viadeo.com/oauth-provider/access_token
public String getRequestTokenEndpoint(); // https://secure.viadeo.com/oauth-provider/request_token
public String getAuthorizationBaseUrl(); // https://secure.viadeo.com/oauth-provider/authorize
}
public class XingApi extends DefaultApi10a {
public static XingApi instance();
public String getAccessTokenEndpoint(); // https://api.xing.com/v1/access_token
public String getRequestTokenEndpoint(); // https://api.xing.com/v1/request_token
public String getAuthorizationBaseUrl(); // https://www.xing.com/v1/authorize
}Regional and Other APIs
OAuth 1.0a APIs for regional platforms and other services.
public class SinaWeiboApi extends DefaultApi10a {
public static SinaWeiboApi instance();
public String getAccessTokenEndpoint(); // https://api.weibo.com/oauth/access_token
public String getRequestTokenEndpoint(); // https://api.weibo.com/oauth/request_token
public String getAuthorizationBaseUrl(); // https://api.weibo.com/oauth/authorize
}
public class AWeberApi extends DefaultApi10a {
public static AWeberApi instance();
public String getAccessTokenEndpoint(); // https://auth.aweber.com/1.0/oauth/access_token
public String getRequestTokenEndpoint(); // https://auth.aweber.com/1.0/oauth/request_token
public String getAuthorizationBaseUrl(); // https://auth.aweber.com/1.0/oauth/authorize
}
public class DiggApi extends DefaultApi10a {
public static DiggApi instance();
public String getAccessTokenEndpoint(); // http://services.digg.com/oauth/access_token
public String getRequestTokenEndpoint(); // http://services.digg.com/oauth/request_token
public String getAuthorizationBaseUrl(); // http://digg.com/oauth/authenticate
}Complete OAuth 1.0a Provider List
All extend DefaultApi10a and use instance() singleton pattern:
AWeberApi- AWeber email marketingDiggApi- Digg social news aggregationEtsyApi- Etsy marketplaceFlickrApi- Flickr photo sharingFoursquareApi- Foursquare location services (legacy)LinkedInApi- LinkedIn professional network (legacy)MeetupApi- Meetup event platform (legacy)SinaWeiboApi- Sina Weibo Chinese microblog (legacy)TrelloApi- Trello project managementTumblrApi- Tumblr blogging platformTwitterApi- Twitter microblogging (includes Authenticate variant)ViadeoApi- Viadeo professional networkXingApi- Xing professional networkYahooApi- Yahoo services (legacy)
Common Usage Patterns
Standard OAuth 1.0a Flow
// 1. Create service
OAuth10aService service = new ServiceBuilder("consumer_key")
.apiSecret("consumer_secret")
.callback("http://localhost:8080/callback")
.build(ProviderApi.instance());
// 2. Get request token
OAuth1RequestToken requestToken = service.getRequestToken();
// 3. Get authorization URL
String authUrl = service.getAuthorizationUrl(requestToken);
// 4. Exchange request token + verifier for access token
OAuth1AccessToken accessToken = service.getAccessToken(requestToken, "oauth_verifier");
// 5. Make authenticated requests
OAuthRequest request = new OAuthRequest(Verb.GET, "https://api.provider.com/user");
service.signRequest(accessToken, request);
Response response = service.execute(request);Twitter Authentication vs Authorization
// Standard authorization - shows permissions screen every time
OAuth10aService authService = new ServiceBuilder("consumer_key")
.apiSecret("consumer_secret")
.build(TwitterApi.instance());
// Authentication variant - friendlier UI, skips permissions if already granted
OAuth10aService authService = new ServiceBuilder("consumer_key")
.apiSecret("consumer_secret")
.build(TwitterApi.Authenticate.instance());Key Differences from OAuth 2.0
Request Token Step
OAuth 1.0a requires an additional request token step before authorization:
- Get request token from provider
- Redirect user to authorization URL with request token
- Exchange request token + verifier for access token
Signature-Based Authentication
OAuth 1.0a uses cryptographic signatures instead of bearer tokens:
- Requests are signed using consumer secret and token secret
- No separate authentication header needed
- More complex but more secure against token interception
No Refresh Tokens
OAuth 1.0a access tokens typically don't expire and cannot be refreshed:
- Access tokens are long-lived
- No automatic token refresh mechanism
- Re-authorization required if token becomes invalid
Install with Tessl CLI
npx tessl i tessl/maven-com-github-scribejava--scribejava-apis