My article on developer.force.com, Using OAuth to Authorize External Applications, shows how to develop external Java applications that use OAuth to access your Saleforce.com data. But what if you want to do the opposite? What if you need to write an application on the Force.com platform that uses your data from Google, Twitter, LinkedIn or TripIt using OAuth? Luckily Jesper Jorgenson at Salesforce.com posted an open source project called sfdc-oauth-playground which is a generic consumer implementation of OAuth as a Force.com App.
The main purpose of this beta project is to show you how to write OAuth signed requests in Apex. There is a managed packaged you can install into your org but if you really want to dig into the guts of OAuth (and who doesn’t??) you’ll need to download and install the source code from the project. The managed package doesn’t afford you to opportunity to modify code or view granular debug statements.
Jesper doesn’t provide much documentation for the project so I’ve put together a short video showing how to get started using Google Accounts and Blogger. Unfortunately different providers implement OAuth to their own liking so you sometimes have to make modifications to the requests being sent over the wire. I ran into a number of issues so hopefully this will assist you in getting up and running with OAuth.
In case you don’t have time for the video, here are a couple of screenshots outlining the process using the OAuth Consumer Playground application from the managed package.
Create a new OAuth Service (e.g., Blogger) with various URLs for accessing services
Authorize Salesforce access to Blogger
Grant access to Blogger
OAuth Service access tokens
Testing the service