This page provides instructions on how to configure the Twitter authenticator and Identity Server using a sample app. You can find more information in the following sections.
This is tested with the Twitter API version 1.1 which uses OAuth 1.0a. Twitter Authenticator is supported by WSO2 Identity Server versions 5.1.0, 5.2.0 and 5.3.0.
Deploying Twitter artifacts
Download the WSO2 Identity Server from here.
Place the Twitter authenticator .jar file (org.wso2.carbon.extension.identity.authenticator.twitter.connector-X.X.X.jar) into the <IS_HOME>/repository/components/dropins directory. This can be downloaded from the WSO2 Store.
If you want to upgrade the Twitter Authenticator in your existing IS pack, please refer to the upgrade instructions.
Configuring the Twitter App
- Create an account at https://twitter.com and log in.
- Navigate to https://apps.twitter.com/ and click Create New App.
- Provide an application name and description.
- For this tutorial, enter http://127.0.0.1 as the website URL. It is used as a placeholder since the application used for the tutorial is not publicly available. Give the Callback URL as https://<HOST_NAME_OF_IS>:9443/commonauth. For example: https://apps.customhost.com:9443/commonauth.
  Note: If the Identity Server is running on your local machine, add an entry as mentioned below and use this host name (here apps.customhost.com) in your Twitter callback URL.
  127.0.0.1 apps.customhost.com
- Click Create your Twitter application.
Callback URL is the URL to which the browser should be redirected after the authentication is successful. It should have this format: https://(host-name):(port)/acs. Here, the ACS URL (Assertion Consumer URL) is the endpoint in WSO2 Identity Server which accepts the response sent by Google.
- After creating the app, go to the Keys and Access Tokens tab to get the API Key and API Secret. These are the Consumer Key and Consumer Secret values shown.
Deploying travelocity.com sample app
The next step is to deploy the sample app in order to use it in this scenario.
Once this is done, the next step is to configure the WSO2 Identity Server by adding an identity provider and service provider.
Configuring the identity provider
Now you have to configure WSO2 Identity Server by adding a new identity provider. For more information about the Identity Providers, see Configuring an Identity Provider.
- Log in to the management console as an administrator.
- In the Identity Providers section under the Main tab of the management console, click Add.
Give a suitable name for Identity Provider Name. Expand Federated Authenticators and expand TwitterAuthenticator Configuration.
Enter the values as given when you created the Twitter application.
- API Key: Consumer Key for your app.
- API Secret: Consumer Secret for your app.
- Callback URL: Service Provider's URL where code needs to be sent (e.g., https://apps.customhost.com:9443/commonauth)
- Select both checkboxes to Enable the Twitter authenticator and make it the Default.
Click Register.
You have now added the identity provider.
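A pre-flight check for the connector deployment and callback settings described above, as an added example that is not part of the WSO2 documentation or product. The function names and the hosts-file argument are assumptions; the hosts check applies only when the Identity Server runs on your local machine, as in the note on the callback URL.

```shell
#!/bin/sh
# Added example: pre-flight checks for the Twitter authenticator setup.
# Function names and the hosts-file argument are assumptions of this example.

# Succeeds if the connector jar is present in <IS_HOME>/repository/components/dropins.
connector_deployed() {
    ls "$1"/repository/components/dropins/org.wso2.carbon.extension.identity.authenticator.twitter.connector-*.jar >/dev/null 2>&1
}

# Succeeds only for https://<host>:9443/commonauth and prints the host name.
# Rejects plain http, other ports or paths, and hosts with unexpected characters.
callback_host() {
    case "$1" in
        https://*:9443/commonauth) ;;
        *) return 1 ;;
    esac
    host=${1#https://}
    host=${host%:9443/commonauth}
    case "$host" in
        ""|*[!A-Za-z0-9.-]*) return 1 ;;
    esac
    printf '%s\n' "$host"
}

# Succeeds if hosts file $1 maps 127.0.0.1 to host name $2 (comments ignored).
hosts_maps_loopback() {
    awk -v h="$2" '
        { sub(/#.*/, "") }
        $1 == "127.0.0.1" { for (i = 2; i <= NF; i++) if ($i == h) found = 1 }
        END { exit !found }' "$1"
}

# Runs all checks; the return status is the number of failed checks.
preflight() {   # usage: preflight IS_HOME CALLBACK_URL HOSTS_FILE
    fails=0
    connector_deployed "$1" || { echo "FAIL: connector jar not in dropins"; fails=$((fails + 1)); }
    if h=$(callback_host "$2"); then
        hosts_maps_loopback "$3" "$h" || { echo "FAIL: no 127.0.0.1 entry for $h"; fails=$((fails + 1)); }
    else
        echo "FAIL: callback URL is not https://<host>:9443/commonauth"; fails=$((fails + 1))
    fi
    return "$fails"
}

# Run the checks only when called with the three arguments.
if [ "$#" -eq 3 ]; then preflight "$@"; fi
```

Run it with the Identity Server home directory, the callback URL entered in both the Twitter app and the identity provider, and the path of the hosts file that holds the local entry.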
Configuring the service provider
The next step is to configure the service provider.
Return to the management console.
In the Service Providers section, click Add under the Main tab.
Since you are using travelocity as the sample, enter travelocity.com in the Service Provider Name text box and click Register.
In the Inbound Authentication Configuration section, click Configure under the SAML2 Web SSO Configuration section.
Now set the configuration as follows:
Issuer: travelocity.com
Assertion Consumer URL: http://localhost:8080/travelocity.com/home.jsp
Click Add to add the assertion consumer URL.
Select the following check-boxes:
- Enable Response Signing.
- Enable Single Logout.
- Enable Attribute Profile.
- Include Attributes in the Response Always.
Click Register to save the changes. Now you will be sent back to the Service Providers page.
Navigate to the Local and Outbound Authentication Configuration section.
Select the identity provider you created from the dropdown list under Federated Authentication.
Ensure that the Federated Authentication radio button is selected and click Update to save the changes.
You have now added and configured the service provider.
Testing the sample
To test the sample, go to the following URL: http://<TOMCAT_HOST>:<TOMCAT_PORT>/travelocity.com/index.jsp. E.g., http://localhost:8080/travelocity.com
Click the option available to log in with SAML from the WSO2 Identity Server.
You are navigated to the Twitter application. Enter the username and password of your Twitter account to log in.
Once the authentication is complete, you will be taken to the home page of the travelocity.com app.