1 / 27

Foundations of a Social Application Platform

This deck runs through some of the core utilities used by many of the social networking sites out today to host third party applications on their sites, taken from the perspective of OpenSocial containers such as the Yahoo! Application Platform, MySpace, Orkut, etc. Providing an in depth look into open standards for security, authentication and cross platform migrations, this presentation seeks to compare some of the major platform implementations currently used and provide code examples on how to build real world applications.

jcleblanc
Download Presentation

Foundations of a Social Application Platform

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. The Foundations of a Social Platform Jonathan LeBlanc Technology Evangelist Yahoo! Developer Network Twitter: @jcleblanc

  2. EXAMPLES | TUTORIALS | CODE SAMPLES DEVELOPER.YAHOO.COM

  3. Open ID – Single Account Sign-in

  4. OAuth - Open Authentication

  5. OAuth – What Does the End-User See?

  6. OAuth – What Does the End-User See?

  7. SDKs (Software Development Kits) PHP, Python, Java, ActionScript 3, Objective-C, and OpenSocial REST APIs http://www.github.com/yahoo

  8. What is OpenSocial? • OpenSocial API For developing applications on social networks • Accessing social data (profiles, connections) • Fetching and inserting activities Implemented by many containers • Develop once, distribute broadly • •

  9. Collecting User Data With OpenSocial 0.8 /* OpenSocial PERSON data request */ var req = opensocial.newDataRequest(); var params = {}; params[opensocial.DataRequest.PeopleRequestFields.PROFILE_DETA ILS] = [ opensocial.Person.Field.NAME, opensocial.Person.Field.THUMBNAIL_URL ]; req.add(req.newFetchPersonRequest('VIEWER', params), 'viewer_profile'); req.send(response);

  10. Collecting User Data With OpenSocial 0.8 /* response handler */ function response(data){ var viewer = data.get('viewer_profile').getData(); var aboutme = viewer.getField(opensocial.Person.Field.NAME); }

  11. Fetching Updates with OpenSocial 0.8

  12. Getting Updates With OpenSocial 0.8 var req = opensocial.newDataRequest(); var spec = new opensocial.IdSpec(); spec.setField(opensocial.IdSpec.Field.USER_ID, opensocial.IdSpec.PersonId.OWNER); req.add(req.newFetchActivitiesRequest(spec), 'ownerActivities'); req.send(handleActivities);

  13. Getting Updates With OpenSocial 0.8 function handleActivities(dataResponse) { var ownerActivities = dataResponse.get('ownerActivities').getData( ); //parse owner activities }

  14. Inserting Updates with OpenSocial 0.8 var params = {}, activity; params[opensocial.Activity.Field.TITLE] = title; params[opensocial.Activity.Field.BODY] = body; activity = opensocial.newActivity(params); opensocial.requestCreateActivity( activity, opensocial.CreateActivityPriority.LOW, callback);

  15. Fetching Connections With OpenSocial 0.8

  16. Fetching Connections With OpenSocial 0.8 /* get owner and owner friends */ var idspec = opensocial.newIdSpec({ 'userId' : 'OWNER', 'groupId' : 'FRIENDS' }); var req = opensocial.newDataRequest(); req.add(req.newFetchPersonRequest('OWNER'), 'get_owner'); req.add(req.newFetchPeopleRequest(idspec), 'get_friends'); req.send(responseFriends);

  17. Fetching Connections With OpenSocial 0.8 /* connection response function */ function responseFriends(data){ var owner = data.get('get_owner').getData(); var objFriends = data.get('get_friends').getData(); var html = 'Friends of ' + owner.getDisplayName() + '<br />'; objFriends.each(function(person) { html += person.getDisplayName() + '<br />'; }); }

  18. Making AJAX Requests With OpenSocial 0.8 var params = {}; var url = 'http://developer.yahoo.com/yql/console/?q=selec t%20*%20from%20flickr.photos.search%20where% 20text%3D%22Times%20Square%22' var callback = callbackFunc; params[gadgets.io.RequestParameters.CONTENT_TYPE] = gadgets.io.ContentType.TEXT; params[gadgets.io.RequestParameters.METHOD] = gadgets.io.MethodType.GET; gadgets.io.makeRequest(url, callback, params);

  19. Making AJAX Requests With OpenSocial 0.8 function callbackFunc(response){ if (response.text){ //use response.txt } }

  20. Front-end Security

  21. Front-end Security: IFrames IFrames - Pros • Quick to set up • Full content control for developers IFrames - Cons • Drive-by downloads • No content restrictions • Other known exploits

  22. Front-end Security: Caja Caja - Pros • Very secure model (blacklist all) • Aims to protect end-users • Full content control Caja - Cons • Slow to set up • Difficult to configure • No full content control

  23. Front-end Security: Caja Cajoling Process <script type="text/javascript"> function response(obj) { if (obj.text){ document.getElementById('interact').setInnerHTML('P opulated!'); document.getElementById('population').setInnerHTML (obj.errors); } } </script>

  24. Front-end Security: Caja Cajoling Process var $dis = $v.getOuters(); $v.initOuter('onerror'); $v.so('response', ___.markFuncFreeze(function () { function response$_caller($dis, obj) { if ($v.r(obj, 'text')) { $v.cm($v.cm($v.ro('document'), 'getElementById', [ 'interact' ]), 'setInnerHTML', [ 'Populated!' ]); $v.cm($v.cm($v.ro('document'), 'getElementById', [ 'population' ]), 'setInnerHTML', [ $v.r(obj, 'errors') ]); } } response$_caller.FUNC___ = 'response$_caller'; var response;; response = $v.dis(___.primFreeze(response$_caller), 'response'); return response;

  25. Questions?

More Related