Europe PMC (http://europepmc.org/) is a repository providing access to worldwide life sciences publications.
Europe PMC uses Spring Social to allow Twitter users to sign into Europe PMC with just their Twitter accounts, without having to sign up with Europe PMC.
Europe PMC also develops the spring-social-orcid module to enable web applications or web services to access the ORCID Repository (https://orcid.org/) in the framework of Spring Social.
2. Agenda
• Background – Why was it needed?
• What is Spring Social & why choose Spring Social?
• Underlying Protocol – OAuth 2.0
• Spring Social Architecture
• Spring Social Components
• Spring Social Configuration
• Demo
• References
6. Background – Why was it needed?
Twitter users!
We had a requirement to allow Twitter users to sign into Europe PMC with just their Twitter accounts, without having to sign up with Europe PMC.
7. What is Spring Social?
• A Spring module
• Enables 3rd party systems to establish connections with Software-as-a-Service (SaaS) providers, such as Twitter and Facebook, to
  • Authenticate a user, and
  • Invoke APIs on behalf of the user
8. Why choose Spring Social?
• Twitter is an OAuth-based service provider, which is supported by Spring Social out of the box.
• Implementing the OAuth 3-legged “dance” is non-trivial.
• Spring Social also supports Facebook, LinkedIn, Google, GitHub, and many more.
• The Europe PMC front-end is already Spring-based.
9. Underlying Protocol - OAuth
• An open standard for authorization between computer systems (RFC 6749)
• Allows users to share their private resources stored on one system (e.g., ORCID, Twitter) with a 3rd party system (e.g., Europe PMC), without having to give up their credentials (username, password) to the 3rd party.
13. Spring Social Main Components
• Connection<A> interface
• ConnectionFactory interface
• Sign in Controller
• Provider specific modules
14. Components - Connection<A> interface
• Represents the connection to a service provider.
• Enables the client application to access or update user information using the provider's (such as Twitter) API.
Note: <A> is a strongly-typed binding to the service provider's API.
15. Components - ConnectionFactory interface
• Two types of factory interface:
  • OAuth1ConnectionFactory<A> interface
  • OAuth2ConnectionFactory<A> interface
• Each provider implements one of these factories, depending on the protocol it uses.
16. Components - Sign in Controller
• A Spring MVC controller
• Guides the user through the sign-in process, handling the 3-legged OAuth dance for authentication.
• Entry URL: POST /signin/{providerId}
18. Components - Provider specific modules
• Two important classes:
  • The Java API for the service, named Provider (e.g. Twitter)
  • The provider’s connection factory, named ProviderConnectionFactory (e.g. TwitterConnectionFactory)
19. Components - User Connection Repository
HSQL database schema:
CREATE TABLE IF NOT EXISTS UserConnection (
    userId varchar(255) NOT NULL,
    providerId varchar(255) NOT NULL,
    providerUserId varchar(255) DEFAULT '' NOT NULL,
    rank INTEGER NOT NULL,
    displayName varchar(255) DEFAULT NULL,
    profileUrl varchar(512) DEFAULT NULL,
    imageUrl varchar(512) DEFAULT NULL,
    accessToken varchar(255) NOT NULL,
    secret varchar(255) DEFAULT NULL,
    refreshToken varchar(255) DEFAULT NULL,
    expireTime BIGINT DEFAULT NULL,
    PRIMARY KEY (userId,providerId,providerUserId)
);
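Added example (not from the original slides or the Spring Social project): the UserConnection table in slide 19 holds each user's accessToken, secret and refreshToken, and JdbcUsersConnectionRepository passes those three values through the TextEncryptor it is constructed with. The configuration below puts the pass-through encryptor beside an AES one. The class name and property names are assumptions, and a DataSource bean is assumed to be defined elsewhere.

```java
import javax.sql.DataSource;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.env.Environment;
import org.springframework.security.crypto.encrypt.Encryptors;
import org.springframework.security.crypto.encrypt.TextEncryptor;
import org.springframework.social.connect.ConnectionFactoryLocator;
import org.springframework.social.connect.UsersConnectionRepository;
import org.springframework.social.connect.jdbc.JdbcUsersConnectionRepository;
import org.springframework.social.connect.support.ConnectionFactoryRegistry;
import org.springframework.social.twitter.connect.TwitterConnectionFactory;

// Hypothetical class and property names; only the Spring types are real.
@Configuration
public class SocialTokenStoreConfig {

    @Bean
    public ConnectionFactoryLocator connectionFactoryLocator(Environment env) {
        ConnectionFactoryRegistry registry = new ConnectionFactoryRegistry();
        registry.addConnectionFactory(new TwitterConnectionFactory(
                env.getRequiredProperty("twitter.consumerKey"),
                env.getRequiredProperty("twitter.consumerSecret")));
        return registry;
    }

    // Weak (deliberately not a @Bean): noOpText() returns its input unchanged,
    // so accessToken, secret and refreshToken are stored in UserConnection as
    // plaintext, readable by anyone with access to the table or its backups.
    static UsersConnectionRepository plaintextRepository(
            DataSource ds, ConnectionFactoryLocator locator) {
        return new JdbcUsersConnectionRepository(ds, locator, Encryptors.noOpText());
    }

    // Hardened: password-based AES. The salt must be a hex-encoded string, and
    // both values come from the environment or a secret store, not source control.
    @Bean
    public TextEncryptor tokenEncryptor(Environment env) {
        return Encryptors.text(
                env.getRequiredProperty("social.crypto.password"),
                env.getRequiredProperty("social.crypto.salt"));
    }

    @Bean
    public UsersConnectionRepository usersConnectionRepository(
            DataSource ds, ConnectionFactoryLocator locator, TextEncryptor tokenEncryptor) {
        return new JdbcUsersConnectionRepository(ds, locator, tokenEncryptor);
    }
}
```

Encryptors.text produces hex-encoded ciphertext that is longer than the token itself, so check the varchar(255) widths of accessToken, secret and refreshToken before enabling it. Rows written under the no-op encryptor have to be re-encrypted before the new encryptor can read them.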
31. References
• OAuth 2.0 Official Site & Specifications
• Spring Social Project Official Site
• Spring Social Project Official Document
• Spring Social Twitter Official Document
• Spring Social ORCID (on GitHub) contributed by Europe PMC
• Examples from Europe PMC demonstrating the usage of Spring Social ORCID
  • Web Application (on GitHub)
  • RESTful Web Service example and its JavaScript client app (on GitHub)