SlideShare a Scribd company logo
Server-side OpenSocial Java programming
Chris Schalk, Google Developer Advocate

10/04/2009
Agenda

    • OpenSocial Background
    • OAuth Background
    • OpenSocial Java Client Libraries
    • 2-legged and 3-legged OAuth Access
    • Connecting to a Google Friend Connect site




2
OpenSocial Background




3                           3
What is OpenSocial?




    “OpenSocial defines a common set of APIs based on Open Standards
    for building social applications across multiple websites”




4
What is OpenSocial?




                          Before OpenSocial…




5
What is OpenSocial?




                          Standards Based




6
What is OpenSocial?




7
Who owns OpenSocial?




                   ?



8
Who owns OpenSocial?




                            ?       No!
      OpenSocial is managed under the auspices of the
      “OpenSocial Foundation” - http://www.opensocial.org

9
Who's Using it?




                       and many more...
10
Who's Using it?




11
OpenSocial Roadmap


     • Version 0.5 was released in a “developer release” on Nov
     1st 2007.
         • First “sandbox” was made available on Orkut

     • Version 0.6 was released in December 2007
        • Initial version of Shindig server software was launched as Apache
        incubator project
        • Other sandboxes came live - Hi5, Ning, Plaxo …

     • Version 0.7 (production) was released in January 2008
        • MySpace, Hi5, Orkut began running 0.7



12
OpenSocial Roadmap


     • Version v0.8/0.8.1
        • Released in late 2008

     • Contains a RESTful protocol, RPC protocol

     • OpenSocial Client Libraries launched in Dec 08

     • Specification:
     http://www.opensocial.org/Technical-Resources/opensocial-spec-v081




13
OpenSocial 0.9 - Current

     • Key Goal:
        – Enable a faster development experience that is both secure and
          efficient


     Core principles:
     • Client-side and server-side processing
     • Standard set of tags with extensibility model
        – Example: <os:ShowPerson>




14
Where can you find info on OpenSocial?


      http://wiki.opensocial.org




15
OAuth Background




16                      1
                        6
OAuth 101

     What is OAuth?

       • A standard, open protocol for secure API
       authorization for :
          – Desktop
          – Web
          – Mobile
       • OAuth provides an API to access to secure data
       while protecting account credentials.
       • More info:
          http://oauth.net


17
OpenSocial Java client libraries




18                                      1
                                        8
Introducing the OpenSocial Client Libraries


      A set of client libraries for that enable
      direct communication to an OpenSocial
      server.


     • Client libraries exist for PHP, Ruby, Python and Java
     • Supports both REST and RPC protocols
     • Documentation Wiki pages
     • Sample applications provided



                  http://code.google.com/p/opensocial-php-client
                  http://code.google.com/p/opensocial-ruby-client
                  http://code.google.com/p/opensocial-python-client
                  http://code.google.com/p/opensocial-java-client


19                                                                    19
RESTful and RPC protocols
     Sample: Using the OpenSocial client library to Fetch a user’s friends


      OpenSocialClient c = new OpenSocialClient("myhost.com");

       c.setProperty(OpenSocialClient.Properties.REST_BASE_URI, "http://localhost:8080/social/rest/");

       try {
         OpenSocialPerson p = c.fetchPerson("john.doe");
         System.out.println(p.getDisplayName());

           Collection<OpenSocialPerson> friends = c.fetchFriends("john.doe");
           for (OpenSocialPerson friend : friends) {
             System.out.println(friend.getDisplayName());
           }

       } catch (Exception e) {

       }




20
Demonstration: Working with the OpenSocial Java
     client library




21                                                 21
2-legged and 3-legged OAuth access




22                                   2
                                     2
Demonstration: Connecting to an OpenSocial
      container using 2-legged OAuth




                                           (2-legged)




     http://code.google.com/p/opensocial-java-client/wiki/TwoLeggedOAuthJava

23                                                                   23
Examining 2-legged OAuth access

     • Does not offer universal access to the container
        – Specifically tied to a single application installed on the container
        – Uses hardcoded token values
            • Consumer Key
            • Consumer Secret

     • Application security is left to the calling application
     • Pros:
        – Technically easy to implement
        – Good for background data fetch
     • Cons:
        – Can only access social data associated with single application on
           the container
        – Security can be compromised if Consumer key/secret obtained

24
Demonstration: Connecting to an OpenSocial
      container using 3-legged OAuth




                                     (3-legged)




     http://wiki.opensocial.org/index.php?title=Social_Website_Tutorial

25                                                                        25
Examining 3-legged OAuth access




26
Examining 3-legged OAuth access

     • Offers universal access to the container
        – User provides their own credentials to container to allow access
          to data


     • Application security is entirely under control of container
     • Pros:
        – Not hardcoded to specific application since user provides
          credentials, so access can be for anyone
     • Cons:
        – Always have to go through access request step
            • “Doing the Dance…”
        – Not meant for automated data transactions




27
Connecting to a Google Friend
     Connect Site




28                                   2
                                     8
Demonstration: Connecting to Google Friend Connect
     from an independent website




                                 ‘fcauth’ security token




                    http://plane-crazy.appspot.com

29                                                         29
Useful Links

 OpenSocial Homepage & specification:          http://www.opensocial.org

 OAuth website:
   • http://oauth.net

 2 legged OAuth tutorial (in the wiki):
     • http://code.google.com/p/opensocial-java-client/

 3 legged OAuth tutorial: “social website tutorial”:
     • http://wiki.opensocial.org/index.php?title=Social_Website_Tutorial

 Google Friend Connect:
   • http://google.com/friendconnect
   • http://code.google.com/apis/friendconnect

 Plane Crazy example app:
    • http://plane-crazy.appspot.com



30
Questions




                 Q&A

                       Thank You!


31
Ad

Recommended

Web Server-Side Programming Techniques
Web Server-Side Programming Techniques
guest8899ec02
 
Php Intro
Php Intro
Tenth Planet Technologies
 
Web servers
Web servers
webhostingguy
 
ASP.NET Web API and HTTP Fundamentals
ASP.NET Web API and HTTP Fundamentals
Ido Flatow
 
Web Servers: Architecture and Security
Web Servers: Architecture and Security
george.james
 
Web server
Web server
Nirav Daraniya
 
web server
web server
nava rathna
 
2009 - Microsoft IIS Vs. Apache - Who Serves More - A Study
2009 - Microsoft IIS Vs. Apache - Who Serves More - A Study
Vijay Prasad Gupta
 
Web Server - Internet Applications
Web Server - Internet Applications
sandra sukarieh
 
Apache web server
Apache web server
Rishabh Bahukhandi
 
SERVER SIDE PROGRAMMING
SERVER SIDE PROGRAMMING
Prabu U
 
Server side programming
Server side programming
javed ahmed
 
Server Side Programming
Server Side Programming
Milan Thapa
 
Web Server Technologies II: Web Applications & Server Maintenance
Web Server Technologies II: Web Applications & Server Maintenance
Port80 Software
 
Web Server Technologies I: HTTP & Getting Started
Web Server Technologies I: HTTP & Getting Started
Port80 Software
 
Web server
Web server
Touhid Arastu
 
C# ASP.NET WEB API APPLICATION DEVELOPMENT
C# ASP.NET WEB API APPLICATION DEVELOPMENT
Dr. Awase Khirni Syed
 
Apache Web Server Architecture Chaitanya Kulkarni
Apache Web Server Architecture Chaitanya Kulkarni
webhostingguy
 
Web servers (l6)
Web servers (l6)
Nanhi Sinha
 
OAuth-as-a-service using ASP.NET Web API and Windows Azure Access Control - W...
OAuth-as-a-service using ASP.NET Web API and Windows Azure Access Control - W...
Maarten Balliauw
 
Web server administration
Web server administration
sawsan slii
 
APACHE WEB SERVER FOR LINUX
APACHE WEB SERVER FOR LINUX
webhostingguy
 
Web Server(Apache),
Web Server(Apache),
webhostingguy
 
Apache web server
Apache web server
Sabiha M
 
Web Servers (ppt)
Web Servers (ppt)
webhostingguy
 
Excellent rest using asp.net web api
Excellent rest using asp.net web api
Maurice De Beijer [MVP]
 
Apache server configuration & optimization
Apache server configuration & optimization
Gokul Muralidharan
 
OpenSocial CyWorld Dev.Square presentation Sep 09
OpenSocial CyWorld Dev.Square presentation Sep 09
Chris Schalk
 
API Design & Security in django
API Design & Security in django
Tareque Hossain
 
OpenSocial and Mixi platform
OpenSocial and Mixi platform
Pham Thinh
 

More Related Content

What's hot (19)

Web Server - Internet Applications
Web Server - Internet Applications
sandra sukarieh
 
Apache web server
Apache web server
Rishabh Bahukhandi
 
SERVER SIDE PROGRAMMING
SERVER SIDE PROGRAMMING
Prabu U
 
Server side programming
Server side programming
javed ahmed
 
Server Side Programming
Server Side Programming
Milan Thapa
 
Web Server Technologies II: Web Applications & Server Maintenance
Web Server Technologies II: Web Applications & Server Maintenance
Port80 Software
 
Web Server Technologies I: HTTP & Getting Started
Web Server Technologies I: HTTP & Getting Started
Port80 Software
 
Web server
Web server
Touhid Arastu
 
C# ASP.NET WEB API APPLICATION DEVELOPMENT
C# ASP.NET WEB API APPLICATION DEVELOPMENT
Dr. Awase Khirni Syed
 
Apache Web Server Architecture Chaitanya Kulkarni
Apache Web Server Architecture Chaitanya Kulkarni
webhostingguy
 
Web servers (l6)
Web servers (l6)
Nanhi Sinha
 
OAuth-as-a-service using ASP.NET Web API and Windows Azure Access Control - W...
OAuth-as-a-service using ASP.NET Web API and Windows Azure Access Control - W...
Maarten Balliauw
 
Web server administration
Web server administration
sawsan slii
 
APACHE WEB SERVER FOR LINUX
APACHE WEB SERVER FOR LINUX
webhostingguy
 
Web Server(Apache),
Web Server(Apache),
webhostingguy
 
Apache web server
Apache web server
Sabiha M
 
Web Servers (ppt)
Web Servers (ppt)
webhostingguy
 
Excellent rest using asp.net web api
Excellent rest using asp.net web api
Maurice De Beijer [MVP]
 
Apache server configuration & optimization
Apache server configuration & optimization
Gokul Muralidharan
 
Web Server - Internet Applications
Web Server - Internet Applications
sandra sukarieh
 
SERVER SIDE PROGRAMMING
SERVER SIDE PROGRAMMING
Prabu U
 
Server side programming
Server side programming
javed ahmed
 
Server Side Programming
Server Side Programming
Milan Thapa
 
Web Server Technologies II: Web Applications & Server Maintenance
Web Server Technologies II: Web Applications & Server Maintenance
Port80 Software
 
Web Server Technologies I: HTTP & Getting Started
Web Server Technologies I: HTTP & Getting Started
Port80 Software
 
C# ASP.NET WEB API APPLICATION DEVELOPMENT
C# ASP.NET WEB API APPLICATION DEVELOPMENT
Dr. Awase Khirni Syed
 
Apache Web Server Architecture Chaitanya Kulkarni
Apache Web Server Architecture Chaitanya Kulkarni
webhostingguy
 
Web servers (l6)
Web servers (l6)
Nanhi Sinha
 
OAuth-as-a-service using ASP.NET Web API and Windows Azure Access Control - W...
OAuth-as-a-service using ASP.NET Web API and Windows Azure Access Control - W...
Maarten Balliauw
 
Web server administration
Web server administration
sawsan slii
 
APACHE WEB SERVER FOR LINUX
APACHE WEB SERVER FOR LINUX
webhostingguy
 
Web Server(Apache),
Web Server(Apache),
webhostingguy
 
Apache web server
Apache web server
Sabiha M
 
Apache server configuration & optimization
Apache server configuration & optimization
Gokul Muralidharan
 

Similar to Server-side Java Programming (20)

OpenSocial CyWorld Dev.Square presentation Sep 09
OpenSocial CyWorld Dev.Square presentation Sep 09
Chris Schalk
 
API Design & Security in django
API Design & Security in django
Tareque Hossain
 
OpenSocial and Mixi platform
OpenSocial and Mixi platform
Pham Thinh
 
Introduction To Open Web Protocols
Introduction To Open Web Protocols
Mohan Krishnan
 
Enterprise Social using Open Source Frameworks
Enterprise Social using Open Source Frameworks
Werner Keil
 
Enterprise Social using Open Source Frameworks (SMWCPH)
Enterprise Social using Open Source Frameworks (SMWCPH)
Werner Keil
 
Introduction to Portlets Using Liferay Portal
Introduction to Portlets Using Liferay Portal
rivetlogic
 
Gateways 2020 Tutorial - Introduction to Globus
Gateways 2020 Tutorial - Introduction to Globus
Globus
 
Biodiversity Virtual e-Laboratory (BioVeL): Athentication & Authorisation
Biodiversity Virtual e-Laboratory (BioVeL): Athentication & Authorisation
Renzo Kottmann
 
Goodle Developer Days London 2008 - Open Social Update
Goodle Developer Days London 2008 - Open Social Update
Patrick Chanezon
 
Presentatie Code Jam Niels van Dijk
Presentatie Code Jam Niels van Dijk
kirstenveelo
 
CASCON 2017 - OpenAPI v3
CASCON 2017 - OpenAPI v3
Arthur De Magalhaes
 
Best Practices in Widget Development - Examples and Counterexamples
Best Practices in Widget Development - Examples and Counterexamples
ROLE Project
 
Building the Future Together: AtoM3, Governance, and the Sustainability of Op...
Building the Future Together: AtoM3, Governance, and the Sustainability of Op...
Artefactual Systems - AtoM
 
Drupal Dev Days Vienna 2023 - What is the secure software supply chain and th...
Drupal Dev Days Vienna 2023 - What is the secure software supply chain and th...
sparkfabrik
 
Docker and Vagrant usage in OPENi
Docker and Vagrant usage in OPENi
openi_ict
 
Building SharePoint Online applications using Napa Office 365 Development Tools
Building SharePoint Online applications using Napa Office 365 Development Tools
Gunnar Peipman
 
Adding Identity Management and Access Control to your Application
Adding Identity Management and Access Control to your Application
Álvaro Alonso González
 
Duo World Architecture
Duo World Architecture
Supun Dissanayake
 
OpenDaylight nluug_november
OpenDaylight nluug_november
Christopher Price
 
OpenSocial CyWorld Dev.Square presentation Sep 09
OpenSocial CyWorld Dev.Square presentation Sep 09
Chris Schalk
 
API Design & Security in django
API Design & Security in django
Tareque Hossain
 
OpenSocial and Mixi platform
OpenSocial and Mixi platform
Pham Thinh
 
Introduction To Open Web Protocols
Introduction To Open Web Protocols
Mohan Krishnan
 
Enterprise Social using Open Source Frameworks
Enterprise Social using Open Source Frameworks
Werner Keil
 
Enterprise Social using Open Source Frameworks (SMWCPH)
Enterprise Social using Open Source Frameworks (SMWCPH)
Werner Keil
 
Introduction to Portlets Using Liferay Portal
Introduction to Portlets Using Liferay Portal
rivetlogic
 
Gateways 2020 Tutorial - Introduction to Globus
Gateways 2020 Tutorial - Introduction to Globus
Globus
 
Biodiversity Virtual e-Laboratory (BioVeL): Athentication & Authorisation
Biodiversity Virtual e-Laboratory (BioVeL): Athentication & Authorisation
Renzo Kottmann
 
Goodle Developer Days London 2008 - Open Social Update
Goodle Developer Days London 2008 - Open Social Update
Patrick Chanezon
 
Presentatie Code Jam Niels van Dijk
Presentatie Code Jam Niels van Dijk
kirstenveelo
 
Best Practices in Widget Development - Examples and Counterexamples
Best Practices in Widget Development - Examples and Counterexamples
ROLE Project
 
Building the Future Together: AtoM3, Governance, and the Sustainability of Op...
Building the Future Together: AtoM3, Governance, and the Sustainability of Op...
Artefactual Systems - AtoM
 
Drupal Dev Days Vienna 2023 - What is the secure software supply chain and th...
Drupal Dev Days Vienna 2023 - What is the secure software supply chain and th...
sparkfabrik
 
Docker and Vagrant usage in OPENi
Docker and Vagrant usage in OPENi
openi_ict
 
Building SharePoint Online applications using Napa Office 365 Development Tools
Building SharePoint Online applications using Napa Office 365 Development Tools
Gunnar Peipman
 
Adding Identity Management and Access Control to your Application
Adding Identity Management and Access Control to your Application
Álvaro Alonso González
 
Ad

More from Chris Schalk (20)

Google App Engine Overview and Update
Google App Engine Overview and Update
Chris Schalk
 
Building Integrated Applications on Google's Cloud Technologies
Building Integrated Applications on Google's Cloud Technologies
Chris Schalk
 
How to build Kick Ass Games in the Cloud
How to build Kick Ass Games in the Cloud
Chris Schalk
 
Building Kick Ass Video Games for the Cloud
Building Kick Ass Video Games for the Cloud
Chris Schalk
 
Building Integrated Applications on Google's Cloud Technologies
Building Integrated Applications on Google's Cloud Technologies
Chris Schalk
 
GDD 2011 - How to build kick ass video games for the cloud
GDD 2011 - How to build kick ass video games for the cloud
Chris Schalk
 
Quick Intro to Google Cloud Technologies
Quick Intro to Google Cloud Technologies
Chris Schalk
 
Intro to Google's Cloud Technologies
Intro to Google's Cloud Technologies
Chris Schalk
 
Introduction to Google's Cloud Technologies
Introduction to Google's Cloud Technologies
Chris Schalk
 
Google App Engine's Latest Features
Google App Engine's Latest Features
Chris Schalk
 
Building Apps on Google Cloud Technologies
Building Apps on Google Cloud Technologies
Chris Schalk
 
Google App Engine's Latest Features
Google App Engine's Latest Features
Chris Schalk
 
Building Multi-platform Video Games for the Cloud
Building Multi-platform Video Games for the Cloud
Chris Schalk
 
Building Enterprise Applications on Google Cloud Platform Cloud Computing Exp...
Building Enterprise Applications on Google Cloud Platform Cloud Computing Exp...
Chris Schalk
 
Introduction to Google's Cloud Technologies
Introduction to Google's Cloud Technologies
Chris Schalk
 
Javaedge 2010-cschalk
Javaedge 2010-cschalk
Chris Schalk
 
Introduction to Google Cloud Platform Technologies
Introduction to Google Cloud Platform Technologies
Chris Schalk
 
Google Cloud Technologies Overview
Google Cloud Technologies Overview
Chris Schalk
 
Introducing App Engine for Business
Introducing App Engine for Business
Chris Schalk
 
Introduction to Google Cloud platform technologies
Introduction to Google Cloud platform technologies
Chris Schalk
 
Google App Engine Overview and Update
Google App Engine Overview and Update
Chris Schalk
 
Building Integrated Applications on Google's Cloud Technologies
Building Integrated Applications on Google's Cloud Technologies
Chris Schalk
 
How to build Kick Ass Games in the Cloud
How to build Kick Ass Games in the Cloud
Chris Schalk
 
Building Kick Ass Video Games for the Cloud
Building Kick Ass Video Games for the Cloud
Chris Schalk
 
Building Integrated Applications on Google's Cloud Technologies
Building Integrated Applications on Google's Cloud Technologies
Chris Schalk
 
GDD 2011 - How to build kick ass video games for the cloud
GDD 2011 - How to build kick ass video games for the cloud
Chris Schalk
 
Quick Intro to Google Cloud Technologies
Quick Intro to Google Cloud Technologies
Chris Schalk
 
Intro to Google's Cloud Technologies
Intro to Google's Cloud Technologies
Chris Schalk
 
Introduction to Google's Cloud Technologies
Introduction to Google's Cloud Technologies
Chris Schalk
 
Google App Engine's Latest Features
Google App Engine's Latest Features
Chris Schalk
 
Building Apps on Google Cloud Technologies
Building Apps on Google Cloud Technologies
Chris Schalk
 
Google App Engine's Latest Features
Google App Engine's Latest Features
Chris Schalk
 
Building Multi-platform Video Games for the Cloud
Building Multi-platform Video Games for the Cloud
Chris Schalk
 
Building Enterprise Applications on Google Cloud Platform Cloud Computing Exp...
Building Enterprise Applications on Google Cloud Platform Cloud Computing Exp...
Chris Schalk
 
Introduction to Google's Cloud Technologies
Introduction to Google's Cloud Technologies
Chris Schalk
 
Javaedge 2010-cschalk
Javaedge 2010-cschalk
Chris Schalk
 
Introduction to Google Cloud Platform Technologies
Introduction to Google Cloud Platform Technologies
Chris Schalk
 
Google Cloud Technologies Overview
Google Cloud Technologies Overview
Chris Schalk
 
Introducing App Engine for Business
Introducing App Engine for Business
Chris Schalk
 
Introduction to Google Cloud platform technologies
Introduction to Google Cloud platform technologies
Chris Schalk
 
Ad

Recently uploaded (20)

FIDO Seminar: Perspectives on Passkeys & Consumer Adoption.pptx
FIDO Seminar: Perspectives on Passkeys & Consumer Adoption.pptx
FIDO Alliance
 
OpenACC and Open Hackathons Monthly Highlights June 2025
OpenACC and Open Hackathons Monthly Highlights June 2025
OpenACC
 
Floods in Valencia: Two FME-Powered Stories of Data Resilience
Floods in Valencia: Two FME-Powered Stories of Data Resilience
Safe Software
 
War_And_Cyber_3_Years_Of_Struggle_And_Lessons_For_Global_Security.pdf
War_And_Cyber_3_Years_Of_Struggle_And_Lessons_For_Global_Security.pdf
biswajitbanerjee38
 
AudGram Review: Build Visually Appealing, AI-Enhanced Audiograms to Engage Yo...
AudGram Review: Build Visually Appealing, AI-Enhanced Audiograms to Engage Yo...
SOFTTECHHUB
 
Murdledescargadarkweb.pdfvolumen1 100 elementary
Murdledescargadarkweb.pdfvolumen1 100 elementary
JorgeSemperteguiMont
 
Artificial Intelligence in the Nonprofit Boardroom.pdf
Artificial Intelligence in the Nonprofit Boardroom.pdf
OnBoard
 
June Patch Tuesday
June Patch Tuesday
Ivanti
 
Securing Account Lifecycles in the Age of Deepfakes.pptx
Securing Account Lifecycles in the Age of Deepfakes.pptx
FIDO Alliance
 
OWASP Barcelona 2025 Threat Model Library
OWASP Barcelona 2025 Threat Model Library
PetraVukmirovic
 
Tech-ASan: Two-stage check for Address Sanitizer - Yixuan Cao.pdf
Tech-ASan: Two-stage check for Address Sanitizer - Yixuan Cao.pdf
caoyixuan2019
 
Security Tips for Enterprise Azure Solutions
Security Tips for Enterprise Azure Solutions
Michele Leroux Bustamante
 
Viral>Wondershare Filmora 14.5.18.12900 Crack Free Download
Viral>Wondershare Filmora 14.5.18.12900 Crack Free Download
Puppy jhon
 
FME for Distribution & Transmission Integrity Management Program (DIMP & TIMP)
FME for Distribution & Transmission Integrity Management Program (DIMP & TIMP)
Safe Software
 
Crypto Super 500 - 14th Report - June2025.pdf
Crypto Super 500 - 14th Report - June2025.pdf
Stephen Perrenod
 
FIDO Seminar: Targeting Trust: The Future of Identity in the Workforce.pptx
FIDO Seminar: Targeting Trust: The Future of Identity in the Workforce.pptx
FIDO Alliance
 
“Key Requirements to Successfully Implement Generative AI in Edge Devices—Opt...
“Key Requirements to Successfully Implement Generative AI in Edge Devices—Opt...
Edge AI and Vision Alliance
 
FME for Good: Integrating Multiple Data Sources with APIs to Support Local Ch...
FME for Good: Integrating Multiple Data Sources with APIs to Support Local Ch...
Safe Software
 
Supporting the NextGen 911 Digital Transformation with FME
Supporting the NextGen 911 Digital Transformation with FME
Safe Software
 
Bridging the divide: A conversation on tariffs today in the book industry - T...
Bridging the divide: A conversation on tariffs today in the book industry - T...
BookNet Canada
 
FIDO Seminar: Perspectives on Passkeys & Consumer Adoption.pptx
FIDO Seminar: Perspectives on Passkeys & Consumer Adoption.pptx
FIDO Alliance
 
OpenACC and Open Hackathons Monthly Highlights June 2025
OpenACC and Open Hackathons Monthly Highlights June 2025
OpenACC
 
Floods in Valencia: Two FME-Powered Stories of Data Resilience
Floods in Valencia: Two FME-Powered Stories of Data Resilience
Safe Software
 
War_And_Cyber_3_Years_Of_Struggle_And_Lessons_For_Global_Security.pdf
War_And_Cyber_3_Years_Of_Struggle_And_Lessons_For_Global_Security.pdf
biswajitbanerjee38
 
AudGram Review: Build Visually Appealing, AI-Enhanced Audiograms to Engage Yo...
AudGram Review: Build Visually Appealing, AI-Enhanced Audiograms to Engage Yo...
SOFTTECHHUB
 
Murdledescargadarkweb.pdfvolumen1 100 elementary
Murdledescargadarkweb.pdfvolumen1 100 elementary
JorgeSemperteguiMont
 
Artificial Intelligence in the Nonprofit Boardroom.pdf
Artificial Intelligence in the Nonprofit Boardroom.pdf
OnBoard
 
June Patch Tuesday
June Patch Tuesday
Ivanti
 
Securing Account Lifecycles in the Age of Deepfakes.pptx
Securing Account Lifecycles in the Age of Deepfakes.pptx
FIDO Alliance
 
OWASP Barcelona 2025 Threat Model Library
OWASP Barcelona 2025 Threat Model Library
PetraVukmirovic
 
Tech-ASan: Two-stage check for Address Sanitizer - Yixuan Cao.pdf
Tech-ASan: Two-stage check for Address Sanitizer - Yixuan Cao.pdf
caoyixuan2019
 
Security Tips for Enterprise Azure Solutions
Security Tips for Enterprise Azure Solutions
Michele Leroux Bustamante
 
Viral>Wondershare Filmora 14.5.18.12900 Crack Free Download
Viral>Wondershare Filmora 14.5.18.12900 Crack Free Download
Puppy jhon
 
FME for Distribution & Transmission Integrity Management Program (DIMP & TIMP)
FME for Distribution & Transmission Integrity Management Program (DIMP & TIMP)
Safe Software
 
Crypto Super 500 - 14th Report - June2025.pdf
Crypto Super 500 - 14th Report - June2025.pdf
Stephen Perrenod
 
FIDO Seminar: Targeting Trust: The Future of Identity in the Workforce.pptx
FIDO Seminar: Targeting Trust: The Future of Identity in the Workforce.pptx
FIDO Alliance
 
“Key Requirements to Successfully Implement Generative AI in Edge Devices—Opt...
“Key Requirements to Successfully Implement Generative AI in Edge Devices—Opt...
Edge AI and Vision Alliance
 
FME for Good: Integrating Multiple Data Sources with APIs to Support Local Ch...
FME for Good: Integrating Multiple Data Sources with APIs to Support Local Ch...
Safe Software
 
Supporting the NextGen 911 Digital Transformation with FME
Supporting the NextGen 911 Digital Transformation with FME
Safe Software
 
Bridging the divide: A conversation on tariffs today in the book industry - T...
Bridging the divide: A conversation on tariffs today in the book industry - T...
BookNet Canada
 

Server-side Java Programming

  • 1. Server-side OpenSocial Java programming Chris Schalk, Google Developer Advocate 10/04/2009
  • 2. Agenda • OpenSocial Background • OAuth Background • OpenSocial Java Client Libraries • 2-legged and 3-legged OAuth Access • Connecting to a Google Friend Connect site 2
  • 4. What is OpenSocial? “OpenSocial defines a common set of APIs based on Open Standards for building social applications across multiple websites” 4
  • 5. What is OpenSocial? Before OpenSocial… 5
  • 6. What is OpenSocial? Standards Based 6
  • 9. Who owns OpenSocial? ? No! OpenSocial is managed under the auspices of the “OpenSocial Foundation” - http://www.opensocial.org 9
  • 10. Who's Using it? and many more... 10
  • 12. OpenSocial Roadmap • Version 0.5 was released in a “developer release” on Nov 1st 2007. • First “sandbox” was made available on Orkut • Version 0.6 was released in December 2007 • Initial version of Shindig server software was launched as Apache incubator project • Other sandboxes came live - Hi5, Ning, Plaxo … • Version 0.7 (production) was released in January 2008 • MySpace, Hi5, Orkut began running 0.7 12
  • 13. OpenSocial Roadmap • Version v0.8/0.8.1 • Released in late 2008 • Contains a RESTful protocol, RPC protocol • OpenSocial Client Libraries launched in Dec 08 • Specification: http://www.opensocial.org/Technical-Resources/opensocial-spec-v081 13
  • 14. OpenSocial 0.9 - Current • Key Goal: – Enable a faster development experience that is both secure and efficient Core principles: • Client-side and server-side processing • Standard set of tags with extensibility model – Example: <os:ShowPerson> 14
  • 15. Where can you find info on OpenSocial? http://wiki.opensocial.org 15
  • 17. OAuth 101 What is OAuth? • A standard, open protocol for secure API authorization for : – Desktop – Web – Mobile • OAuth provides an API to access to secure data while protecting account credentials. • More info: http://oauth.net 17
  • 18. OpenSocial Java client libraries 18 1 8
  • 19. Introducing the OpenSocial Client Libraries A set of client libraries for that enable direct communication to an OpenSocial server. • Client libraries exist for PHP, Ruby, Python and Java • Supports both REST and RPC protocols • Documentation Wiki pages • Sample applications provided http://code.google.com/p/opensocial-php-client http://code.google.com/p/opensocial-ruby-client http://code.google.com/p/opensocial-python-client http://code.google.com/p/opensocial-java-client 19 19
  • 20. RESTful and RPC protocols Sample: Using the OpenSocial client library to Fetch a user’s friends OpenSocialClient c = new OpenSocialClient("myhost.com"); c.setProperty(OpenSocialClient.Properties.REST_BASE_URI, "http://localhost:8080/social/rest/"); try { OpenSocialPerson p = c.fetchPerson("john.doe"); System.out.println(p.getDisplayName()); Collection<OpenSocialPerson> friends = c.fetchFriends("john.doe"); for (OpenSocialPerson friend : friends) { System.out.println(friend.getDisplayName()); } } catch (Exception e) { } 20
  • 21. Demonstration: Working with the OpenSocial Java client library 21 21
  • 22. 2-legged and 3-legged OAuth access 22 2 2
  • 23. Demonstration: Connecting to an OpenSocial container using 2-legged OAuth (2-legged) http://code.google.com/p/opensocial-java-client/wiki/TwoLeggedOAuthJava 23 23
  • 24. Examining 2-legged OAuth access • Does not offer universal access to the container – Specifically tied to a single application installed on the container – Uses hardcoded token values • Consumer Key • Consumer Secret • Application security is left to the calling application • Pros: – Technically easy to implement – Good for background data fetch • Cons: – Can only access social data associated with single application on the container – Security can be compromised if Consumer key/secret obtained 24
  • 25. Demonstration: Connecting to an OpenSocial container using 3-legged OAuth (3-legged) http://wiki.opensocial.org/index.php?title=Social_Website_Tutorial 25 25
  • 27. Examining 3-legged OAuth access • Offers universal access to the container – User provides their own credentials to container to allow access to data • Application security is entirely under control of container • Pros: – Not hardcoded to specific application since user provides credentials, so access can be for anyone • Cons: – Always have to go through access request step • “Doing the Dance…” – Not meant for automated data transactions 27
  • 28. Connecting to a Google Friend Connect Site 28 2 8
  • 29. Demonstration: Connecting to Google Friend Connect from an independent website ‘fcauth’ security token http://plane-crazy.appspot.com 29 29
  • 30. Useful Links OpenSocial Homepage & specification: http://www.opensocial.org OAuth website: • http://oauth.net 2 legged OAuth tutorial (in the wiki): • http://code.google.com/p/opensocial-java-client/ 3 legged OAuth tutorial: “social website tutorial”: • http://wiki.opensocial.org/index.php?title=Social_Website_Tutorial Google Friend Connect: • http://google.com/friendconnect • http://code.google.com/apis/friendconnect Plane Crazy example app: • http://plane-crazy.appspot.com 30
  • 31. Questions Q&A Thank You! 31