Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Introduction to spring social - illustrated in the Europe PMC project

108 views

Published on

Europe PMC (http://europepmc.org/) is a repository, providing access to worldwide life sciences publications.

Europe PMC uses Spring Social to allow Twitter users to sign into Europe PMC by just using their Twitter accounts, without having to signing up with Europe PMC.

Europe PMC also develops the spring-social-orcid module to enable web applications or web services to access the ORCID Repository (https://orcid.org/) in the framework of Spring Social.

Published in: Software
  • Be the first to comment

Introduction to spring social - illustrated in the Europe PMC project

  1. 1. Introduction to Spring Social illustrated in the Europe PMC project Yuci Gou (ygou@ebi.ac.uk) Literature Service Group 2017-06-20 1
  2. 2. • Background – Why needed it? • What is Spring Social & Why chose Spring Social? • Underneath Protocol – OAuth 2.0 • Spring Social Architecture • Spring Social Components • Spring Social Configuration • Demo • References Agenda 2
  3. 3. Background – Why needed Spring Social in Europe PMC? 3
  4. 4. Background – Why needed Spring Social in Europe PMC? 4
  5. 5. Background – Why needed Spring Social in Europe PMC? 5
  6. 6. Background – Why needed it? Twitter users! We had a requirement to allow Twitter users to sign into Europe PMC by just using their Twitter accounts, without having to signing up with Europe PMC. 6
  7. 7. What is Spring Social? • A Spring module • Enable 3rd party systems to establish connection with Software-as-a-Service (SaaS) providers, such as Twitter and Facebook, to • Authenticate a user, and • Invoke APIs on behalf of the user 7
  8. 8. Why chose Spring Social? • Twitter is an OAuth based service provider, which is supported by Spring Social out of the box. • Implementing the OAuth 3-legged “dance” is non-trivial. • Also Facebook, LinkedIn, Google, GitHub, and many more. • Europe PMC front-end is Spring based, already. 8
  9. 9. Underneath Protocol - OAuth • An open standard for authorization between computer systems (RFC 6749) • Allows users to share their private resources stored on one system (e.g., ORCID, Twitter) with a 3rd party system (e.g., Europe PMC), without having to give up their credentials (username, password) to the 3rd party. 9
  10. 10. OAuth: 3-legged Dance 10
  11. 11. Spring Social Dependencies <dependency> <groupId>org.springframework.social</groupId> <artifactId>spring-social-core</artifactId> <version>1.1.0.RELEASE</version> </dependency> <dependency> <groupId>org.springframework.social</groupId> <artifactId>spring-social-web</artifactId> <version>1.1.0.RELEASE</version> </dependency> <dependency> <groupId>org.springframework.social</groupId> <artifactId>spring-social-twitter</artifactId> <version>1.1.0.RELEASE</version> </dependency> 11
  12. 12. Spring Social Architecture 12
  13. 13. Spring Social Main Components • Connection<A> interface • ConnectionFactory interface • Sign in Controller • Provider specific modules 13
  14. 14. Components - Connection<A> interface • Represents the connection to a service provider. • Enables the client application to access or update user information using the provider's (such as Twitter) API. Note: <A> is a strongly-typed binding to the service provider's API. 14
  15. 15. Components - ConnectionFactory interface • Two types factory interfaces, such as: • OAuth1ConnectionFactory<A> interface • OAuth2ConnectionFactory<A> interface • Each provider implements one of these factories, depending on the protocol it uses. 15
  16. 16. Components - Sign in Controller • A Spring MVC controller • Guides the user through the sign-in process, handling the 3 legged OAuth dance for authentication. • Entry URL: POST /signin/{providerId} 16
  17. 17. Components - Sign in Controller 17
  18. 18. Components - Provider specific modules • Two important classes: • The Java API for the service, titled as Provider (e.g. Twitter) • The provider’s connection factory, titled ProviderConnectionFactory (e.g. TwitterConnectionFactory) 18
  19. 19. Components - User Connection Repository HSQL database schema CREATE TABLE IF NOT EXISTS UserConnection ( userId varchar(255) NOT NULL, providerId varchar(255) NOT NULL, providerUserId varchar(255) DEFAULT '' NOT NULL, rank INTEGER NOT NULL, displayName varchar(255) DEFAULT NULL, profileUrl varchar(512) DEFAULT NULL, imageUrl varchar(512) DEFAULT NULL, accessToken varchar(255) NOT NULL, secret varchar(255) DEFAULT NULL, refreshToken varchar(255) DEFAULT NULL, expireTime BIGINT DEFAULT NULL, PRIMARY KEY (userId,providerId,providerUserId) ); 19
  20. 20. Components - User Connection Repository Dependencies <dependency> <groupId>org.hsqldb</groupId> <artifactId>hsqldb</artifactId> <version>2.3.2</version> </dependency> 20
  21. 21. Components - User Connection Repository Configuration 21
  22. 22. Configuration - Properties social.properties 22
  23. 23. Configuration Connection Factory 23
  24. 24. Configuration Connection Repository 24
  25. 25. Configuration Sign in Controller 25
  26. 26. Demo 26
  27. 27. Demo 27
  28. 28. Demo 28
  29. 29. Demo 29
  30. 30. Expand the Spring Social Project Family 30
  31. 31. References • OAuth 2.0 Official Site & Specifications • Spring Social Project Official Site • Spring Social Project Official Document • Spring Social Twitter Official Document • Spring Social ORCID (on GitHub) contributed by Europe PMC • Examples from Europe PMC demonstrating the usage of Spring Social ORCID • Web Application (on GitHub) • RESTful Web Service example and its JavaScript client app (on GitHub) 31
  32. 32. Questions? Thank You! 32

×