Template Creating an Android OAuth REST Client
Latest commit 27ef60e Oct 30, 2016 @nesquena nesquena committed on GitHub Merge pull request #38 from rogerhu/patch-19
Update SampleModel.java


RestClientTemplate Build Status


RestClientTemplate is a skeleton Android project that makes writing Android apps sourced from OAuth JSON REST APIs as easy as possible. This skeleton project combines the best libraries and structure to enable quick development of rich API clients. The following things are supported out of the box:

  • Authenticating with any OAuth 1.0a or OAuth 2 API
  • Sending requests for and parsing JSON API data using a defined client
  • Persisting data to a local SQLite store through an ORM layer
  • Displaying and caching remote image data into views

The following libraries are used to make this possible:

  • scribe-java - Simple OAuth library for handling the authentication flow.
  • Android Async HTTP - Simple asynchronous HTTP requests with JSON parsing
  • codepath-oauth - Custom-built library for managing OAuth authentication and signing of requests
  • Picasso - Used for async image loading and caching them in memory and on disk.
  • DBFlow - Simple ORM for persisting a local SQLite database on the Android device


1. Configure the REST client

Open src/com.codepath.apps.restclienttemplate/RestClient.java. Configure the REST_API_CLASS, REST_URL, REST_CONSUMER_KEY, REST_CONSUMER_SECRET based on the values needed to connect to your particular API. The REST_URL should be the base URL used for connecting to the API (i.e https://api.twitter.com). The REST_API_CLASS should be the class defining the service you wish to connect to. Check out the full list of services you can select (i.e FlickrApi.class).

For example if I wanted to connect to Twitter:

// RestClient.java
public class RestClient extends OAuthBaseClient {
    public static final Class<? extends Api> REST_API_CLASS = TwitterApi.class;
    public static final String REST_URL = "https://api.twitter.com/1.1";
    public static final String REST_CONSUMER_KEY = "57fdgdfh345195e071f9a761d763ca0";
    public static final String REST_CONSUMER_SECRET = "d657sdsg34435435";
    // ...constructor and endpoints

Next, change the REST_CALLBACK_URL to a unique name that is special for this application. This is used for the OAuth authentication flow:

// RestClient.java
public static final String REST_CALLBACK_URL = "oauth://codepathtweets";

Also, be sure to change this value in the AndroidManifest.xml to match the same host:

// AndroidManifest.xml
// manifest => application => activity
    <action android:name="android.intent.action.VIEW" />

    <category android:name="android.intent.category.DEFAULT" />
    <category android:name="android.intent.category.BROWSABLE" />

        android:scheme="oauth" />

Next, you want to define the endpoints which you want to retrieve data from or send data to within your client:

// RestClient.java
public void getHomeTimeline(int page, AsyncHttpResponseHandler handler) {
  String apiUrl = getApiUrl("statuses/home_timeline.json");
  RequestParams params = new RequestParams();
  params.put("page", String.valueOf(page));
  getClient().get(apiUrl, params, handler);

Note we are using getApiUrl to get the full URL from the relative fragment and RequestParams to control the request parameters. You can easily send post requests (or put or delete) using a similar approach:

// RestClient.java
public void postTweet(String body, AsyncHttpResponseHandler handler) {
    String apiUrl = getApiUrl("statuses/update.json");
    RequestParams params = new RequestParams();
    params.put("status", body);
    getClient().post(apiUrl, params, handler);

These endpoint methods will automatically execute asynchronous requests signed with the authenticated access token. To use JSON endpoints, simply invoke the method with a JsonHttpResponseHandler handler:

// SomeActivity.java
RestClient client = RestApplication.getRestClient();
client.getHomeTimeline(1, new JsonHttpResponseHandler() {
    public void onSuccess(int statusCode, Header[] headers, JSONArray json) {
    // Response is automatically parsed into a JSONArray
    // json.getJSONObject(0).getLong("id");

Based on the JSON response (array or object), you need to declare the expected type inside the OnSuccess signature i.e public void onSuccess(JSONObject json). If the endpoint does not return JSON, then you can use the AsyncHttpResponseHandler:

RestClient client = RestApplication.getRestClient();
client.getSomething(new AsyncHttpResponseHandler() {
    public void onSuccess(int statusCode, Header[] headers, String response) {

Check out Android Async HTTP Docs for more request creation details.

2. Define the Models

In the src/com.codepath.apps.restclienttemplate.models, create the models that represent the key data to be parsed and persisted within your application. For example, if you were connecting to Twitter, you would want a Tweet model as follows:

// models/Tweet.java
package com.codepath.apps.restclienttemplate.models;

import org.json.JSONException;
import org.json.JSONObject;

import com.raizlabs.android.dbflow.structure.BaseModel;
import com.raizlabs.android.dbflow.annotation.Column;
import com.raizlabs.android.dbflow.annotation.ForeignKey;
import com.raizlabs.android.dbflow.annotation.PrimaryKey;
import com.raizlabs.android.dbflow.annotation.Table;

@Table(database = MyDatabase.class)
public class Tweet extends BaseModel {
  // Define database columns and associated fields
  @PrimaryKey @Column 
  Long id;
  String userId;
  String userHandle;
  String timestamp;
  String body;

Notice here we specify the SQLite table for a resource, the columns for that table, and a constructor for turning the JSON object fetched from the API into this object. For more information on creating a model, check out the DBFlow Wiki.

In addition, we can also add functions into the model to support parsing JSON attributes in order to instantiate the model based on API data. This might look like:

// models/Tweet.java
@Table(database = MyDatabase.class)
public class Tweet extends BaseModel {
  // ...existing code from above...

  // Add a constructor that creates an object from the JSON response
  public Tweet(JSONObject object){

    try {
      this.userId = object.getString("user_id");
      this.userHandle = object.getString("user_username");
      this.timestamp = object.getString("timestamp");
      this.body = object.getString("body");
    } catch (JSONException e) {

  public static ArrayList<Tweet> fromJson(JSONArray jsonArray) {
    ArrayList<Tweet> tweets = new ArrayList<Tweet>(jsonArray.length());

    for (int i=0; i < jsonArray.length(); i++) {
        JSONObject tweetJson = null;
        try {
            tweetJson = jsonArray.getJSONObject(i);
        } catch (Exception e) {

        Tweet tweet = new Tweet(tweetJson);

    return tweets;

Now you have a model that supports proper creation based on JSON. Create models for all the resources necessary for your mobile client.

3. Setup Your Authenticated Activities

Open src/com.codepath.apps.restclienttemplate/LoginActivity.java and configure the onLoginSuccess method which fires once your app has access to the authenticated API. Launch an activity and begin using your REST client:

// LoginActivity.java
public void onLoginSuccess() {
  Intent i = new Intent(this, TimelineActivity.class);

In your new authenticated activity, you can access your client anywhere with:

RestClient client = RestApplication.getRestClient();
client.getHomeTimeline(1, new JsonHttpResponseHandler() {
  public void onSuccess(int statusCode, Header[] headers, JSONArray jsonArray) {
    Log.d("DEBUG", "timeline: " + jsonArray.toString());
    // Load json array into model classes

You can then load the data into your models from a JSONArray using:

ArrayList<Tweet> tweets = Tweet.fromJSON(jsonArray);

or load the data from a single JSONObject with:

Tweet t = new Tweet(json);
// t.body = "foo"

That's all you need to get started. From here, hook up your activities and their behavior, adjust your models and add more REST endpoints.


Loading Images with Picasso

If you want to load a remote image url into a particular ImageView, you can use Picasso to do that with:


This will load an image into the specified ImageView and resize the image to fit.

Logging Out

You can log out by clearing the access token at any time through the client object:

RestClient client = RestApplication.getRestClient();


  • If you receive the following error org.scribe.exceptions.OAuthException: Cannot send unauthenticated requests for TwitterApi client. Please attach an access token! then check the following:
    • Is your intent-filter with <data> attached to the LoginActivity? If not, make sure that the LoginActivity receives the request after OAuth authorization.
    • Is the onLoginSuccess method being executed in the LoginActivity. On launch of your app, be sure to start the app on the LoginActivity so authentication routines execute on launch and take you to the authenticated activity.