Original question: http://stackoverflow.com/questions/1731966/
Warning: these are provided under the CC BY-SA 4.0 license. You are free to use/share it, but you must attribute it to the original authors (not me): Stack Overflow
Library for OAuth Provider (Java)
Asked by Pablo Fernandez
I'm looking for a Java library that helps me build an OAuth Provider. I must be able to receive OAuth signed requests and determine whether they are valid or not (checking the signature, timestamp and nonce values).
Do you know if there's something out there that makes this task easier?
Answered by Kevin
There is an OAuth plugin for Spring Security
Answered by Pascal Thivent
One library mentioned on http://oauth.net/code looks interesting (I'm excluding the OAuth for Spring Security and OAuth Signpost which are not what you're looking for):
A Java library and examples were contributed by John Kristian, Praveen Alavilli and Dirk Balfanz.
OAuth for Spring Security is also available, contributed by Ryan Heaton. This project is not hosted in the OAuth repository.
OAuth Signpost offers simple OAuth message signing for Java and Apache HttpComponents (Google Android ready!). Contributed by Matthias Kaeppler.
I've checked the Java library a bit further and I think that it's providing everything required for client-side and server-side code. The following blog post actually has a full example and I'm pasting the server code below (a JSP):
<%@ page import="net.oauth.server.*"%>
<%@ page import="net.oauth.*"%>
<%
//Presumably this should actually be looked up for a given key.
String consumerSecret="uynAeXiWTisflWX99KU1D2q5";
//Presumably the key is sent by the client. This is part of the URL, after all.
String consumerKey="orkut.com:623061448914";
//Construct the message object. Use null for the URL and let the code construct it.
OAuthMessage message=OAuthServlet.getMessage(request,null);
//Construct an accessor and a consumer
OAuthConsumer consumer=new OAuthConsumer(null, consumerKey, consumerSecret, null);
OAuthAccessor accessor=new OAuthAccessor(consumer);
//Now validate. Weirdly, validator has a void return type. It throws exceptions
//if there are problems.
SimpleOAuthValidator validator=new SimpleOAuthValidator();
validator.validateMessage(message,accessor);
//Now what? Generate some JSON here for example.
System.out.println("It must have worked"); %>
This looks close to what you want.
Answered by Jason Gritman
Looks like there's a Subversion repo for a library at http://oauth.googlecode.com/svn/code/java/. Looks like you'll have to check out and run Maven to get executables though.
If you go into example/webapp/src/main/java they have some examples of consuming from Twitter, Yahoo, & others.
Answered by Hendy Irawan
Jersey (the reference implementation of JAX-RS) supports OAuth through a Jersey extension called OpenSSO Auth Filter. However this requires an additional OpenSSO server instance. See this document for more information.
Note that OpenSSO has been discontinued by Oracle and is now under ForgeRock as OpenAM.
Answered by Hendy Irawan
You can use the Jersey OAuth Signature Library.
Simple OAuth authentication for a servlet or filter may be set up using a Container Filter, which filters the request before the request is matched and dispatched to a root resource class. The Container Filter is registered using initialization parameters which point to a user defined class, such as the following:
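import javax.ws.rs.WebApplicationException;
import com.sun.jersey.oauth.server.OAuthServerRequest;
import com.sun.jersey.oauth.signature.OAuthParameters;
import com.sun.jersey.oauth.signature.OAuthSecrets;
import com.sun.jersey.oauth.signature.OAuthSignature;
import com.sun.jersey.oauth.signature.OAuthSignatureException;
import com.sun.jersey.spi.container.ContainerRequest;
import com.sun.jersey.spi.container.ContainerRequestFilter;

public class OAuthAuthenticationFilter implements ContainerRequestFilter {
    @Override
    public ContainerRequest filter(ContainerRequest containerRequest) {
        // Read the OAuth parameters from the request
        OAuthServerRequest request = new OAuthServerRequest(containerRequest);
        OAuthParameters params = new OAuthParameters();
        params.readRequest(request);

        // Set the secret(s), against which we will verify the request
        OAuthSecrets secrets = new OAuthSecrets();
        // ... secret setting code ...

        // Check that the timestamp has not expired
        String timestampStr = params.getTimestamp();
        // ... timestamp checking code ...

        // Verify the signature; any failure is answered with 401 Unauthorized
        try {
            if (!OAuthSignature.verify(request, params, secrets)) {
                throw new WebApplicationException(401);
            }
        } catch (OAuthSignatureException e) {
            throw new WebApplicationException(e, 401);
        }

        // Return the request
        return containerRequest;
    }
}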
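The timestamp check that the filter above leaves as a placeholder, together with the nonce check the question asks about, as an added example that is not part of the answer or of Jersey. The class name `OAuthReplayGuard`, the 300-second window and the sample values are assumptions; the cache is in-memory, so it covers a single server instance.

```java
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

// Added example: timestamp-window and nonce-replay check for OAuth 1.0 requests.
public class OAuthReplayGuard {
    public enum Result { OK, BAD_TIMESTAMP, STALE_TIMESTAMP, BAD_NONCE, REPLAYED_NONCE }

    private final long windowSeconds;  // accepted clock skew; 300 below is an assumption
    // (consumer, token, timestamp, nonce) -> timestamp, kept while that timestamp is acceptable
    private final Map<String, Long> seen = new ConcurrentHashMap<>();

    public OAuthReplayGuard(long windowSeconds) { this.windowSeconds = windowSeconds; }

    // Call only after the signature has verified, so unsigned junk cannot fill the cache.
    public Result check(String consumerKey, String token, String timestampStr,
                        String nonce, long nowSeconds) {
        long ts;
        try {
            ts = Long.parseLong(timestampStr);
        } catch (NumberFormatException e) {   // non-numeric or null timestamp
            return Result.BAD_TIMESTAMP;
        }
        if (ts < 0) return Result.BAD_TIMESTAMP;  // also keeps the subtraction from overflowing
        if (Math.abs(nowSeconds - ts) > windowSeconds) return Result.STALE_TIMESTAMP;
        if (nonce == null || nonce.isEmpty()) return Result.BAD_NONCE;

        // Evict entries whose timestamp has left the window; a replay of those is already stale.
        seen.values().removeIf(t -> nowSeconds - t > windowSeconds);

        // NUL-delimited key so ("ab","c") and ("a","bc") cannot collide.
        String key = String.join("\0", consumerKey, token == null ? "" : token,
                                 Long.toString(ts), nonce);
        // putIfAbsent is atomic: of two concurrent copies of one request, exactly one gets OK.
        return seen.putIfAbsent(key, ts) == null ? Result.OK : Result.REPLAYED_NONCE;
    }

    public static void main(String[] args) {
        OAuthReplayGuard guard = new OAuthReplayGuard(300);
        long now = 1_700_000_000L;  // constructed sample values throughout
        System.out.println(guard.check("consumer-1", null, "1700000010", "n-1", now));
        System.out.println(guard.check("consumer-1", null, "1700000010", "n-1", now + 5));
        System.out.println(guard.check("consumer-1", null, "1699990000", "n-2", now));
        System.out.println(guard.check("consumer-1", null, "not-a-number", "n-3", now));
    }
}
```

In a filter like the one above, `check` would take the value of `params.getTimestamp()` and the request's nonce once `OAuthSignature.verify` has returned true, and any result other than `OK` would be answered with 401.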
Answered by Hendy Irawan
Scribe is an OAuth library for Java, written by the asker himself. ;-)
Note: I post this here as an answer so that other googlers have a choice of alternatives. For another library-based alternative, see my other answer "Jersey OAuth signature library".
Some code to illustrate usage:
OAuthService service = new ServiceBuilder()
        .provider(TwitterApi.class)
        .apiKey("your_api_key")
        .apiSecret("your_api_secret")
        .build();
...
Token requestToken = service.getRequestToken();
String your_token = requestToken.getToken();
...
Verifier verifier = new Verifier("your_previously_retrieved_verifier");
Token accessToken = service.getAccessToken(requestToken, verifier);
Creating the request:
OAuthRequest request = new OAuthRequest(Verb.GET, "http://api.twitter.com/1/direct_messages.json");
service.signRequest(accessToken, request);
Response response = request.send();