On June 11, 2013, Twitter will retire version 1.0 of their API and all applications will be expected to use version 1.1. One of the implications of this change is that *all* requests must be authorized with an access token. This even applies to resources, such as search, that previously were not secured.
This does not mean, however, that you must obtain user authorization to access those resources. Many of the resources in the Twitter API can be accessed with either user authorization or application authorization. For user authorization, Twitter supports OAuth 1.0a. For those resources that allow application authorization, Twitter supports OAuth 2 Bearer tokens where the token presented is one obtained through OAuth 2's Client Credentials Grant.
Spring Social has supported Twitter API v1.1 since Spring Social Twitter 1.0.3. But in that version of Spring Social Twitter, only user tokens are supported. However, I have made some changes to Spring Social Twitter to support application tokens.
Spring Social Twitter 1.0.4.BUILD-SNAPSHOT now offers a new constructor that accepts an application access token and will allow you to perform several operations that do not require user authorization. The list of supported operations is at the end of this post.
In addition, Spring Social Core 1.0.3.BUILD-SNAPSHOT now includes an OAuth2Operations/OAuth2Template with an authenticateClient() method for obtaining a client AccessGrant (from which you can get the client access token).
Due to the imminent retirement of Twitter API v1.0, I intend to publish these as Spring Social Twitter 1.0.4.RELEASE and Spring Social Core 1.0.3.RELEASE at the end of this week (or Monday, June 10th at the latest).
In the meantime, I encourage the community to test these thoroughly and report any issues pertaining to this change that you may find. Any issues not identified prior to pushing these releases will be weighed for priority. Depending on the impact of the issue, the fix may either be fixed in a followup 1.0.x release or may be delayed for 1.1.0. Therefore, it's important to identify and fix those issues this week.
What follows are the Spring Social Twitter API binding methods that should be available with either user authorization or application authorization.
Note that some methods are overloaded and not all variations of a method support application authorization. Generally speaking, methods that take a user ID or screen name will support application authorization and those that assume a current user will only support user authorization. See the JavaDoc for guidance on which support application authorization.
FriendOperations.getFriends()
FriendOperations.getFriendsInCursor()
FriendOperations.getFriendIdsInCursor()
FriendOperations.getFollowersInCursor()
FriendOperations.getFollowerIdsInCursor()
ListOperations.getLists()
ListOperations.getList()
ListOperations.getListStatuses()
ListOperations.getListMembers()
ListOperations.getListSubscribers()
ListOperations.getMemberships()
ListOperations.getSubscriptions()
ListOperations.isMember()
ListOperations.isSubscriber()
SearchOperations.search()
SearchOperations.getLocalTrends()
TimelineOperations.getUserTimeline()
TimelineOperations.getStatus()
TimelineOperations.getRetweets()
UserOperations.getUserProfile()
UserOperations.getUsers()
UserOperations.getSuggestionCategories()
UserOperations.getSuggestions()
UserOperations.getRateLimitStatus()
This does not mean, however, that you must obtain user authorization to access those resources. Many of the resources in the Twitter API can be accessed with either user authorization or application authorization. For user authorization, Twitter supports OAuth 1.0a. For those resources that allow application authorization, Twitter supports OAuth 2 Bearer tokens where the token presented is one obtained through OAuth 2's Client Credentials Grant.
Spring Social has supported Twitter API v1.1 since Spring Social Twitter 1.0.3. But in that version of Spring Social Twitter, only user tokens are supported. However, I have made some changes to Spring Social Twitter to support application tokens.
Spring Social Twitter 1.0.4.BUILD-SNAPSHOT now offers a new constructor that accepts an application access token and will allow you to perform several operations that do not require user authorization. The list of supported operations is at the end of this post.
In addition, Spring Social Core 1.0.3.BUILD-SNAPSHOT now includes an OAuth2Operations/OAuth2Template with an authenticateClient() method for obtaining a client AccessGrant (from which you can get the client access token).
Due to the imminent retirement of Twitter API v1.0, I intend to publish these as Spring Social Twitter 1.0.4.RELEASE and Spring Social Core 1.0.3.RELEASE at the end of this week (or Monday, June 10th at the latest).
In the meantime, I encourage the community to test these thoroughly and report any issues pertaining to this change that you may find. Any issues not identified prior to pushing these releases will be weighed for priority. Depending on the impact of the issue, the fix may either be fixed in a followup 1.0.x release or may be delayed for 1.1.0. Therefore, it's important to identify and fix those issues this week.
What follows are the Spring Social Twitter API binding methods that should be available with either user authorization or application authorization.
Note that some methods are overloaded and not all variations of a method support application authorization. Generally speaking, methods that take a user ID or screen name will support application authorization and those that assume a current user will only support user authorization. See the JavaDoc for guidance on which support application authorization.
FriendOperations.getFriends()
FriendOperations.getFriendsInCursor()
FriendOperations.getFriendIdsInCursor()
FriendOperations.getFollowersInCursor()
FriendOperations.getFollowerIdsInCursor()
ListOperations.getLists()
ListOperations.getList()
ListOperations.getListStatuses()
ListOperations.getListMembers()
ListOperations.getListSubscribers()
ListOperations.getMemberships()
ListOperations.getSubscriptions()
ListOperations.isMember()
ListOperations.isSubscriber()
SearchOperations.search()
SearchOperations.getLocalTrends()
TimelineOperations.getUserTimeline()
TimelineOperations.getStatus()
TimelineOperations.getRetweets()
UserOperations.getUserProfile()
UserOperations.getUsers()
UserOperations.getSuggestionCategories()
UserOperations.getSuggestions()
UserOperations.getRateLimitStatus()