Using Spring Social To Update Status On Facebook, Twiiter and LinkedIn

A few short months back I learned about the new and exciting Spring Social project and now I finally have a chance play with it.  My goal was to integrate Spring Social into my small Spring MVC application called “Project Voting”, which lets users update their Facebook wall, send a tweet to Twitter and send a network update to LinkedIn. I would like use this blog to share what I learned from this small experiment and some personal comments about Spring Social M1 release.

This blog will cover the following topics:

  • OAuth dance overview
  • OAuth dance with Twitter, LinkedIn and Facebook
  • Using Spring Social templates

Spring Social’s main objective is to make it easy for Java applications to integrate with social network platforms, i.e. Facebook, Twitter, LinkedIn, etc.  It uses the same template technique that was used to make it very simple to work with JDBC or REST operations.  The templates I am referring to are,, and  Before you can use any of these templates, you need to provide an access token and/or access token secret.  What is an access token you ask?  Well, it all starts with OAuth dance.

OAuth Dance Overview

In a nutshell, OAuth allows you to share your private data reside on Facebook, Twitter, or LinkedIn with another site without having to hand out your user name and password.  OAuth protocol defines a series of steps to acquire an access token and these steps are known as the OAuth dance.  The OAuth dance is kind of like the “Texas Two Step” dance, it consists mainly of three steps (OAuth 1.0), which seem deceptively simple, but require time and dedication to master them.

Here is a short list of resources about OAuth dance:

The OAuth dance consists of three steps and the last step is when the access token is handed out.

  1. Establish request token
  2. Redirect user to authorization server – this is when user will enter his/her user name and password as well as granting authorizations for a website to access his/her data on his/her behalf
  3. Request access token

All major social network platforms implement OAuth protocol (some are on OAuth 1.0 and a few are on OAuth 2.0), which requires them to expose URLs for the above steps.  The beauty about a standard protocol is once you figure out how to work with one of these platforms, working with the next one is just a mattering of using the correct URLs.  OAuth libraries are widely available and there is a good chance you will find more than one  library for your favorite language.

OAuth Dance With Twitter, LinkedIn and Facebook

In my Java Spring powered web application,  I used a Java OAuth library called scribe.  One thing I really like about this library is that it provides examples to demonstrate how the OAuth dance works.  You just plugin the api key and api secret key into the sample code, and you are ready to go.   Another thing I like about scribe is that it has built in support for LinkedIn and Twitter, where the and classes contain the appropriate request token and access token URLs.  Before showing the code I would like to mention a couple of important classes in scribe for dealing OAuth dance.  They are and uses builder design pattern to build an implementation of OAuthService for a specific OAuth version (currently 1.0) implementation. interface defines a set of methods for the retrieval of request and access tokens and for the signing of HTTP requests.

The code below is for a use case where a user clicks on <a href=”liStartOAuth.htm”>Sign In with LinkedIn”</a>,  and this request goes to a Spring MVC  handler, which then initiates the request token process by asking SocialNetworkOAuthManager factory to create an instance of SocialNetworkOAuthManger for LinkedIn.  Once the request token is successfully retrieved from LinkedIn,  this handler returns a URL to LinkedIn OAuth authorization server, which displays a form to require user to enter user name and password, and to authorize access to his/her profile on LinkedIn.  After the authorization step is successful, LinkedIn OAuth server will redirect user to a provided callback URL “liEndOAuth.htm” with OAuth verifier token.  A handler for “liEndOAuth.htm” URL then goes and request  an access token and access token secret using the provided verifier token. That concludes the OAuth dance.

@SessionAttributes({ "userLinkedInProfile", "linkedIn" })
public class LinkedInController {
   @RequestMapping(value = "/liStartOAuth.htm", method = RequestMethod.GET)
   public ModelAndView startAuthentication() throws TwitterException {
     SocialNetworkOAuthManager linkedInOAuthMgr =

     ModelAndView mv = new ModelAndView("redirect:" + linkedInOAuthMgr.getAuthorizationURL());
     mv.addObject("linkedIn", linkedInOAuthMgr);
     return mv;

 @RequestMapping(value = "/liEndOAuth.htm", method = RequestMethod.GET)
 public ModelAndView endAuthentication(
      @RequestParam(value = "oauth_token", required = false) String oauth_token,
      @RequestParam(value = "oauth_verifier") String oauth_verifier,
      @ModelAttribute("linkedIn") SocialNetworkOAuthManager linkedInOAuthMgr) {

      AccessToken accessToken = linkedInOAuthMgr.getOAuthAccessToken(oauth_verifier);

      UserLinkedInProfile userLinkedInProfile = new UserLinkedInProfile();

      ModelAndView mv = new ModelAndView("close");
      mv.addObject("userLinkedInProfile", userLinkedInProfile);
      return mv;

The actual work of dealing OAuth dance is in the following classes:, and

public class SocialNetworkFactory {
 public static SocialNetworkOAuthManager getLinkedInOAuthManager(String apiKey,
                                            String apiSecretKey) {
    return new LinkedInOAuthManager(apiKey, apiSecretKey);

import org.scribe.builder.ServiceBuilder;
import org.scribe.builder.api.LinkedInApi;
import org.scribe.model.Token;
import org.scribe.model.Verifier;
import org.scribe.oauth.OAuthService;

public class LinkedInOAuthManager extends AbstractOAuthManager {
 private static final String AUTHORIZE_URL = "";

 private OAuthService service;
 private Token requestToken;

 public LinkedInOAuthManager(String apiKey, String apiSecretKey) {
   super(apiKey, apiSecretKey);

   service = new ServiceBuilder()

 public String getAuthorizationURL() {
   requestToken = service.getRequestToken();
   return AUTHORIZE_URL + requestToken.getToken();

 public AccessToken getOAuthAccessToken(String verifierCode) {
   Verifier verifier = new Verifier(verifierCode);
   Token token = service.getAccessToken(requestToken, verifier);
   AccessToken accessToken = new AccessToken(token.getToken(), token.getSecret());

   return accessToken;

As you can see, the scribe library makes it pretty easy to deal with OAuth dance.
Once the access token is available, it is just a matter of providing that to Spring Social Below is an example of retrieving LinkedIn member profile URL and using to tweet.

  LinkedInTemplate linkedInTemplate = LinkedInTemplate(apiKey, apiSecret, accessToken, accessTokenSecret);

  TwitterTemplate twitterTemplate = TwitterTemplate(apiKey, apiSecret, accessToken, accessTokenSecret);
  twitterTemplate.updateStatus("This is amazing!!");

Unfortunately the in Spring Social M1 doesn’t have a method to update network status. However it is not difficult to add such functionality yourself or see how that is done in this blog.

The code to implement the OAuth dance with Twitter is nearly identical to the code above so I won’t bore you with that code.  The Spring Social does have a method to send a tweet, so it is fairly trivial to send tweets.

The OAuth dance with Facebook is a bit different from LinkedIn and Twitter.  I guess because Facebook is now on OAuth 2.0.  There are two ways (that I know of) to get an access token from Facebook.  The first way is very simple, but it requires using Facebook JavaScript SDK and the second way is directly interacting with Facebook OAuth server via RESTful API.  In this blog, I will only go over the details of the first approach, which is based on the documentation at Facebook Developers site.

At a high level, FB JavaScript SDK provides an easy way using custom tag to display FB login/logout button and handles the redirection to their authorization server.  One important thing to know is once the authorization is successfully completed, the access token is saved in a cookie with name as fbs_<your Facebook app id>.  This means the server side of your application can easily get its hand on the access token.  Spring Social comes with a handler method argument resolver ( to extract the access token and user id out of the FB access token cookie for you.

Here is JavaScript code snippet.

<script src=""></script>
  FB.init({appId: '<your app id>', status: true, cookie: true, xfbml: true});
<fb:login-button autologoutlink="true" perms="publish_stream" ></fb:login-button>

The “perms” attribute of the <fb:login-button> tag is a very important attribute because there is where you can specify what are the different resources that your application would like to have access to on behalf of users of your application.

The snippet of Java code below shows how to get to the access token and user id using Spring Social custom annotations @FacebookAccessToken and @FacebookUserId.

@RequestMapping(value="/fbUpdateStatus.htm", method = RequestMethod.POST)
public ModelAndView updateStatus(@RequestParam("status") String fbStatus,
                                 @FacebookAccessToken String accessToken,
                                 @FacebookUserId String userId) {
   ModelAndView mv = null;
   try {
     FacebookTemplate facebook = new FacebookTemplate(accessToken);

     mv = ModelAndViewUtil.buildSuccessfulAjaxStatus();
   } catch (Exception e) {
     mv = ModelAndViewUtil.buildFailedAjaxStatus(e.getMessage());

   return mv;

NOTE: In order to get @FacebookAccessToken and @FacebookUserId annotations to work correctly, the must be properly configured. There are two ways to do this, but the end goal is the same, which is to set as one of the custom argument resolvers in  The first way is if you are using the convenient <mvc:annotation-driven> tag, then pass an instance of to AnnotationMethodHandlerAdapter inside a custom BeanPostProcessor.  The second way is don’t use the convenient <mvc:annotation-driven> tag and define both the DefaultAnnotationHandlerMapping bean and AnnotationMethodHandlerAdapter bean manually.  This way you can wire in an instance of FacebookWebArgumentResolver to the property customArgumentResolver of AnnotationMethodHandlerAdapter.

In my application I want to provide a small popup with a text box so a user can quickly send a tweet or send an update to his/her FB wall or send a network update on their LinkedIn member profile.  I stumbled upon qTip library, a tooltip plugin for jQuery framework and really like the functionality this library provides.  It makes it so easy to display a very professional looking tool tip.

This blog is getting long and it has pretty much I wanted to write. I am going to end this blog with an observations about the M1 of Spring Social project.

As a Java developer and a big fan of Spring Framework, I am really happy to see the existence of Spring Social project. However, in its current state, it lacks one important feature that I was expecting and that is to make it dead simple to deal with the OAuth dance.  I am sure this feature is going to be available in future release.

If you have any questions or suggestions, I would love to hear them.

This entry was posted in Social Networking, Spring Framework. Bookmark the permalink.

18 Responses to Using Spring Social To Update Status On Facebook, Twiiter and LinkedIn

  1. Craig Walls says:

    Thanks for spreading the word about Spring Social! Oh, and real soon we’ll be releasing a milestone 2 release that should satisfy the “dead simple” OAuth dance request you asked for.

  2. Mohan says:

    Thanks for the article and sample code.
    I had run some of the samples of Spring Social well and good when running outside Proxy. But fails when running behind Proxy. Does any parameters need to be passed in this case for Proxy and Port in creating Oauth Service . Please let me know.

    Thanks in advance!

  3. Qfgahrsv says:

    Have you got a current driving licence? sven s place bbs

  4. Nmbqpvtx says:

    Can you put it on the scales, please? Petite Model Sex

  5. Ftfmgrnm says:

    Could I have an application form? petite cute preteens Camille, your videos are so wonderful! You are such a sweetie for actually replying to comments. If I could ever meet someone who’s half the woman you are, I would be in heaven 😉

  6. ravi says:

    may i have the code for creating an album and uploading a pic and if no album is specified then it should upload to the default album

  7. neil says:

    hi! i am trying to pattern the OAuth part of this webapp i am writing with the one you posted above, but i can’t seem to understand where you got the and files. these are your own custom classes, i presume? could you share the source codes for those files?

  8. Saw Thanda Oo says:


    I want to know.
    How can i import ModelAndViewUtil?

  9. I have been browsing online more than 3 hours today,
    yet I by no means found any interesting article like yours.
    It is lovely worth sufficient for me. In my view, if all webmasters and bloggers made
    excellent content material as you probably did, the web will likely
    be much more helpful than ever before.

  10. トリーバーチ 店舗

  11. Maxi says:

    Hi, great post, the explanation it’s very clear, but is there any place where I can get the full code?

  12. Paramesh says:

    Is it possible to share the complete code through github..

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s