O'Reilly logo

Programming Social Applications by Jonathan LeBlanc

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

OAuth 1.0a Workflow

First, let’s look at OAuth’s general workflow behind the scenes as we get the authorization for a user and acquire a token so we can access her privileged information:

  1. Obtain a consumer key and secret from the service provider that we are trying to access data from.

  2. Make a request to the service provider to obtain a request token to permit us to seek permissions from the user.

  3. Forward the user to the provider’s login and permission screens in order to obtain her authorization to use her personal information.

  4. Exchange the verified request token object for an access token, which allows us to make requests on the user’s behalf.

Let’s break down these steps further to see what is going on at a more granular level.

Obtain a consumer key and secret

To complete the OAuth workflow and start collecting a user’s social information, the first thing we need to do is to obtain a consumer key and secret from the provider from which we are trying to access data (e.g., Yahoo!, Google, Twitter). These keys are normally issued when we’re creating applications through the provider’s developer programs, such as:

There is a simple, standard process that you will follow when creating these applications to obtain the secret and key, as shown in Figure 9-1.

Figure 9-1. OAuth 1, step ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required