GETTING STARTED OAUTH
AS CONSUMER

OAuth allows secure API authentication.

The mydigitalstructure onDemand service allows you to simply access OAuth based webservices - taking away the complication of creating signatures and also making sure your application keys stay protected in the model and not exposed to the client.

You can effectively extend the mydigitalstructure organisational model and thus the number of use cases, under the service oriented architecture.

Some services that support OAuth include: Twitter, Google, LinkedIn, Xero. 

About OAuth


TWITTER EXAMPLE

Sending a user status update to twitter.

Assumptions:

You have a twitter account.

Example Steps as structure administrator (once only):

1 On the twitter service you first need to do a once off Application registration - this is effectively giving permission for 3rd party applications to request access to your twitter account.

Create a new app in twitter
 
2 The application will set up 2 keys for you:
# Consumer key
# Consumer secret

You then need to use:

/ondemand/setup/?method=SETUP_URL_MANAGE&type=7&urllogon=[Consumer key]&urlpassword=[Consumer secret]&private=N&title=Twitter

These application credentials will be used automatically when requesting an user access token in the following steps.

Example Steps as a user giving permission (once only per user):

You can now request a token (which is done in 3 phases). 

1 Request an application level token:

/ondemand/network/?method=NETWORK_OAUTH_REQUEST_TOKEN&type=7

You will be returned a parameter: oauth_token

That you need to redirect to the Twitter user authentication page, eg:

http://twitter.com/oauth/authenticate/?oauth_token=[oauth_token]&force_login=true 

Twitter will then call back to the url you specified when setting up the application or the url supplied in the NETWORK_OAUTH_REQUEST_TOKEN call as &urlcallback=

You wil get back two parameters in the query string that you need to extract:
# oauth_token
# oauth_verifier 

They will be used in the phase 2 in step 4 next. 

2 Requesting the user access token

/ondemand/network/?method=NETWORK_OAUTH_METHOD&type=7&p_oauth_token=[oauth_token]&p_oauth_verifier=[oauth_verifier]&responseparameters=oauth_token-oauth_token_secret&remember=1

This gets back the auth_token and secret for the user and saves it against their account for future use.

3 Sending status update to twitter:

/ondemand/network/?method=NETWORK_OAUTH_METHOD&type=7
&p_status=Testing%20twitter%20integration!
&urlendpoint=http://twitter.com/statuses/update.json
&responsetext=1&token=1&oauthmethod=POST

You can use any method with the Twitter REST API

USEFUL API's

 

  oauth-2-sm.png
 
BUSINESS GRAPH

Graph theory is the theory of links and nodes and how they interconnect – so a “graph” represents these links, on facebook.com the links to friends represents your social graph.

The links between contacts, invoices etc is an organisations “business graph”.

Some reading...

 

OPEN GRAPH

The Open Graph protocol enables any web page to become a rich object in a social graph.

Some reading...