I currently have a website set up with Spring MVC and Spring Social so users can sign in with Facebook and Twitter.
Now I want to authorize my Android client to access my third-party web site, with Facebook (or Twitter) credentials. As stated here, this should be possible. But he does not continue to say how. Can anyone get me on the way with this? Just give me some basic outlines of how to do this. I'm really stuck here...
I'm actually in the middle of working on a project which needs to do the same thing. I implemented Spring Security & Spring Social for the website and also needed to allow for the iOS and Android apps to connect via the social sites as well.
Here's what you'll need to do:
Implement the device-specific APIs into the development of your app's projects. So, implement Facebook, twitter or whatever else as you normally would on the devices. You'll be doing the actual authenticating process there.
Implement a special URL for your apps to sign in via the social services. For example, http://yousiteapi.com/services/auth/socialSignin. You're going to need to pass ALL the parameters to this api that would normally get written to the UserConnection table implementation - providerId, userProviderId, authenticationToken, secret, etc. If a provider doesn't use one of these, just pass in null or a empty var.
Within this controller, you're going to need to reference both your implementation of the spring Social SignInAdapter AND the ConnectionSignUp classes along with your implementation of the ConnectionRepository and UserConnectionRepository and basically reproduce the whole signup process. First, you'll need to decide which provider it is via the providerId you pass back and use the provider's consumerKey and consumerSecret to implement the specific ConnectionFactory you'll need. Then, use the data you passed in to create the ConnectionData object. With the ConnectionData object, you create the actual Connection object.
Now is where you replicate the logic of the normal Spring Social login: First, use your reference of the UserConnectionRepository and call the findUserIdsWithConnection() method to see if the user has previous logged in. If not, call the ConnectionSignUp.execute() method to create the user.
Finally, you just call your SignInAdapter.signin() method to sign the user in. Don't forget to set your response to OK so your app knows this was a success.
Wow, that sounds like a lot. Actually sounds like more than it is. Hope this at least helped to point you in the right direction.