SlideShare uma empresa Scribd logo

Spring Social - Messaging Friends & Influencing People

Transferir como PPTX, PDF
Gordon Dickens
Gordon Dickens

Conference Abstract: This session will focus on integrating with social media with your Spring projects. The Spring Social project allows developers to interact with Twitter, LinkedIn, Facebook & TripIt in web and mobile projects. We will discuss security concerns with OAuth 1.0 & 2.0 and how Spring templates make our job easier. Topics Include: - Spring Greenhouse - reference implementation of Spring Social - Spring Mobile - integrating Spring Social with iPhone & Android - Security with OAuth - Accessing Social data with REST, JSON & XML - Examples of Spring Social Media Templates

Tecnologia
1 de 44
Spring Social Messaging Friends & Influencing People ETE 2011 Apr 27-28, 2011
Who Am I? • Instructor/Mentor • Active Tweeter for Open Source Tech Topics twitter.com/gdickens • Certified Instructor for • DZone Most Valuable Blogger dzone.com/page/mvbs – dzone.com/user/284679 Technophile Blog - technophile.gordondickens.com 2
Agenda • Spring & REST • Spring Social • Security with OAuth • Spring Mobile • Spring Android • Spring iPhone • Spring Greenhouse 3
Social & Mobile Projects • Spring Social • Spring Mobile • Spring Android • Spring Greenhouse 4
What is Spring Social? • Allow ourapps to interact with 5
Simple Twitter TwitterTemplatetwitterTemplate = new TwitterTemplate(); List<String> friends = twitterTemplate.getFriends("chariotsolution"); for (String friend : friends) { logger.debug("Friend: {}”, friend); } 6
What is TwitterTemplate? • One of the Provider Specific Templates • A convenience class • Implements TwitterApi • Wraps RESTful calls to Twitter –Using Spring 3 RestTemplate • OAuth support – provider specific 7
Twitter API 8
REST& Social Media • Search Twitter with RestTemplate RestTemplaterestTemplate= new RestTemplate(); String search= "#phillyete"; String results = restTemplate.getForObject( "http://search.twitter.com/search.json?q={sea rch}",String.class, search); Note: All the cool kids are using REST 9
Who is using REST? 10
Spring REST • Added in Spring 3.0 • RestTemplate – Client side • Spring MVC – Server side – <mvc:annotation-driven/> – Annotations – Content Negotiation – Web page support for PUT & DELETE • HiddenHttpMethodFilter 11
<mvc:annotation-driven/> • Validation – JSR-303 • Formatting – Annotated Field Formatters • Conversion – JSON – XML – ATOM/RSS – JodaTime – Custom Conversion (MyBean1 to/from MyBean2) 12
Spring REST Annotations • @RequestMapping • @RequestHeader – Method for URL Path – Value in Req Header • @PathVariable • @ResponseStatus – Var in URL path “/{myVar}” – Http Codes on success • @RequestParam • @ExceptionHandler – Parameter – Methods by exception “/myurl/?myVar=abc” • @ModelAttribute • @RequestBody – Returning result into model – Unmarshal into bean • @ResponseBody – Marshal into bean 13
Spring REST Annotations @Controller public class TwitterTimelineController { ... @RequestMapping(value="/twitter/timeline/{timelineType}", method=RequestMethod.GET) public String showTimeline(@PathVariable("timelineType") String timelineType, Model model) { TwitterApi twitterApi = getTwitterApi(); if (timelineType.equals("Home")) { model.addAttribute("timeline", twitterApi.timelineOperations().getHomeTimeline()); } else if(timelineType.equals("Public")) { model.addAttribute("timeline", twitterApi.timelineOperations().getPublicTimeline()); ... } model.addAttribute("timelineName", timelineType); return "twitter/timeline"; } 14
Content Negotiating • ContentNegotiatingViewResolver –Client requests format of data –“Accept” header –“format” parameter –URL extension –Java Activation Framework 15
Templates to the Rescue • Template for each Social Media Provider – TwitterTemplate, LinkedInTemplate, etc. • Provider Specific – Authentication Support – API methods • For other providers: – Roll your own – RestTemplate is our friend 16
Template API Calls • Most calls require authentication –Some trivial calls do not need auth • Authentication –Provider side –Secured with OAuth 17
Authenticating “An open protocol to allow secure API authorization in a simple and standard method from desktop to web applications.” http://oauth.net code.google.com/p/oauth/ 18
OAuth Participants • Client Client – Our app – Wants to access serverto Access Wants • Server Server – With whom we want to connect – May not be the provider • Service Provider – Provides authentication S.P. I verify credentials 19
OAuth Flavors • 1.0a –More complex • 2.0 20
OAuth Safety Dance 1. App asks for a request token • OAuth 1.0a - w callback URL 2. Provider issues a request token 3. App redirects user to provider's auth page • passes request token • OAuth 1.0a – w callback URL 4. Provider prompts to authorize 5. Provider redirects user back to app • OAuth 1.0a – w verifier code 6. App exchanges request token for access to • OAuth 1.0a - also w verifier code 7. Provider issues access token 8. App uses the access token • App now obtains a ref to the Service API • interacts with provider on behalf of the user 21
Twitter Auth Steps 1. ApiKey- Redirect user to provider auth page 2. User authenticates themselves 3. User authorizes our app to act on their behalf 4. User redirected to our site w/RequestToken &VerificationCode 5. RequestToken &VerificationCode, get AccessToken 6. Interact w/ provider using ApiKey &AccessToken 22
Template & OAuth Summary • Provider specific template • OAuth support within template • How do we manage provider login and credential storage? We need CPR! 23
Spring CPR • Connect Controller TwitterController – Connection to Service Provider • Service Provider TwitterServiceProvider – Twitter, LinkedIn, etc. • Connection Repository ConnectionRepository – Storage for Connection Details 24
Twitter CPR Signin 25
Connection API 26
CPR - Controller <bean class=”o.sf.social.web.connect.ConnectController"> <constructor-arg value="${application.url}”/> </bean> • application.url – Base secure URL for this application – used to construct the callback URL – passed to the service providers 27
CPR - Provider <bean class=”o.sf.social.twitter.connect.TwitterServiceProvider"> <constructor-arg value="${twitter.appId}" /> <constructor-arg value="${twitter.appSecret}" /> <constructor-arg ref="connectionRepository" /> </bean> • twitter.appId – ApiKey assigned to app by provider • twitter.appSecret – VerifierCode returned by provider 28
CPR - Repository <bean id="connectionRepository" class=”o.sf.social.connect.jdbc.JdbcConnectionRepository"> <constructor-arg ref="dataSource" /> create table Connection ( <constructor-arg ref="textEncryptor" /> id identity, </bean> accountId varchar not null, providerId varchar not null, accessToken varchar not null, secret varchar, refreshToken varchar, • textEncryptor providerAccountId varchar, primary key (id)); – interface for symmetric encryption of text strings 29
Greenhouse: RI app suite • Spring Greenhouse (RI) • Web App – Group Event Management – Environment-specific Beans and Profiles – Password Encoding &Data Encryption • Social Media – Integration – Authentication • Mobile Apps – Android – iPhone 30
Greenhouse: Social & Mobile • Spring Social – App Framework – Service Provider Framework • Twitter, Facebook, LinkedIn & TripIt – Sign Up, Sign In & Password Reset – Member Invite – Badge System • Spring Mobile – iPhone Client – Android Client – Mobile web version for other smartphone platforms 31
Spring Mobile • Server Side • Spring MVC Extension • Key Facets: 1. Mobile Device Detection 2. Site Preference Management 3. Site Switching 32
Mobile Detection in MVC • DeviceResolver – Inspects inbound HttpRequest – “User-Agent” header – Default Analysis: ”Mobile device client?” • More sophisticated resolvers identify – screen size – manufacturer – model • DeviceResolverHandlerInterceptor – preferred markup – LiteDeviceResolver (default) • Based on Wordpress Lite Algorithm • Part of Wordpress Mobile Pack(wpmp) – Plug in another for specific features • WurflDeviceResolver (Java API) 33
MVC Configuration • Handler Interceptor <mvc:interceptors> <!– Resolve device on pre-handle --> <bean class=”o.sf.mobile.device.DeviceResolverHandlerInterceptor”/> </mvc:interceptors> • Enable Device for Controller Methods <mvc:annotation-driven> <mvc:argument-resolvers> <bean class=”o.sf.mobile.device.DeviceWebArgumentResolver”/> </mvc:argument-resolvers> </mvc:annotation-driven> • Inject Device @Controller public class MyController { … @RequestMapping("/”) public void sayHi(Device device) { if (device.isMobile()) logger.info("Hello mobile user!"); 34
Greenhouse CPR • AnnotatedControllerConfig – DeviceResolverHandlerInterceptor – DeviceHandlerMethodArgumentResolver – FacebookHandlerMethodArgumentResolver 35
DeviceResolver API 36
Preference Management • App supporting multiple sites –“mobile” –“normal” • Allow user to switch • SitePreferenceHandler interface • SitePreferenceWebArgumentResolver • CookieSitePreferenceRepository 37
MVC Pref Config • Enable SitePreference support <mvc:annotation-driven> <mvc:argument-resolvers> <bean class=”o.sf.mobile.device.DeviceWebArgumentResolver" /> <bean class=”o.sf.mobile.device.site.SitePreferenceWebArgumentResolver" /> </mvc:argument-resolvers> </mvc:annotation-driven> • Inject into Controller Methods @Controller public class MyController { @RequestMapping("/”) public String home(SitePreference sitePreference, Model model) { if (sitePreference == SitePreference.MOBILE) { … 38
Site Switching • Hosting mobile site different location • SiteSwitcherHandlerInterceptor • mDot m.${serverName} • dotMobi ${serverName}.mobi 39
Spring Android • Client tools • Http Components • RestTemplate • Object to JSON Marshaling • Object to XML Marshaling • RSS and Atom Support • Greenhouse app in Android market – https://market.android.com/details?id=com.springsource.greenho use 40
Spring iPhone • Greenhouse for iPhone client • Download & Install the iOS SDK • Project source code from the git – git clone git://git.springsource.org/greenhouse/iphone.git • Open the Greenhouse.xcodeproj in Xcode • Expects Greenhouse web app running locally • Greenhouse App in iTunes – http://itunes.apple.com/us/app/greenhouse/id395862873?mt=8 41
Spring Social Showcase • Twitter, Facebook, TripIt • MVC Application • CPR configuration 42
Summary • Spring Social • App collaboration with SM Sites • Security through OAuth • Spring REST • Significant for Social & Mobile • RestTemplate Rules! • Spring Mobile – MVC Support for Mobile Devices • Spring Android – Client Tools, based on RestTemplate 43
Q& F • Questions? • Followup – Learn REST… – Spring Social Showcase – Spring Greenhouse • Contact me – technophile.gordondickens.com – gordon@gordondickens.com 44

Recomendados

RESTful Web Services
RESTful Web ServicesRESTful Web Services
RESTful Web ServicesGordon Dickens
 
The RESTful Soa Datagrid with Oracle
The RESTful Soa Datagrid with OracleThe RESTful Soa Datagrid with Oracle
The RESTful Soa Datagrid with OracleEmiliano Pecis
 
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRIS
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRISThe glory of REST in Java: Spring HATEOAS, RAML, Temenos IRIS
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRISGeert Pante
 
A great api is hard to find
A great api is hard to findA great api is hard to find
A great api is hard to findDan Diephouse
 
Building REST and Hypermedia APIs with PHP
Building REST and Hypermedia APIs with PHPBuilding REST and Hypermedia APIs with PHP
Building REST and Hypermedia APIs with PHPAzRy LLC, Caucasus School of Technology
 
Take a REST!
Take a REST!Take a REST!
Take a REST!Vladimir Tsukur
 
JAX-RS 2.0: RESTful Web Services
JAX-RS 2.0: RESTful Web ServicesJAX-RS 2.0: RESTful Web Services
JAX-RS 2.0: RESTful Web ServicesArun Gupta
 
HATEOAS: The Confusing Bit from REST
HATEOAS: The Confusing Bit from RESTHATEOAS: The Confusing Bit from REST
HATEOAS: The Confusing Bit from RESTelliando dias
 

Recomendados

RESTful Web Services
RESTful Web ServicesRESTful Web Services
RESTful Web ServicesGordon Dickens
 
The RESTful Soa Datagrid with Oracle
The RESTful Soa Datagrid with OracleThe RESTful Soa Datagrid with Oracle
The RESTful Soa Datagrid with OracleEmiliano Pecis
 
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRIS
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRISThe glory of REST in Java: Spring HATEOAS, RAML, Temenos IRIS
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRISGeert Pante
 
A great api is hard to find
A great api is hard to findA great api is hard to find
A great api is hard to findDan Diephouse
 
Building REST and Hypermedia APIs with PHP
Building REST and Hypermedia APIs with PHPBuilding REST and Hypermedia APIs with PHP
Building REST and Hypermedia APIs with PHPAzRy LLC, Caucasus School of Technology
 
Take a REST!
Take a REST!Take a REST!
Take a REST!Vladimir Tsukur
 
JAX-RS 2.0: RESTful Web Services
JAX-RS 2.0: RESTful Web ServicesJAX-RS 2.0: RESTful Web Services
JAX-RS 2.0: RESTful Web ServicesArun Gupta
 
HATEOAS: The Confusing Bit from REST
HATEOAS: The Confusing Bit from RESTHATEOAS: The Confusing Bit from REST
HATEOAS: The Confusing Bit from RESTelliando dias
 
REST Architecture with use case and example
REST Architecture with use case and exampleREST Architecture with use case and example
REST Architecture with use case and exampleShailesh singh
 
REST API Design
REST API DesignREST API Design
REST API DesignDevi Kiran G
 
Web Center Services and Framework
Web Center Services and FrameworkWeb Center Services and Framework
Web Center Services and FrameworkJaime Cid
 
Restful webservices
Restful webservicesRestful webservices
Restful webservicesLuqman Shareef
 
Server-Side Programming Primer
Server-Side Programming PrimerServer-Side Programming Primer
Server-Side Programming PrimerIvano Malavolta
 
Representational State Transfer
Representational State TransferRepresentational State Transfer
Representational State TransferAlexei Skachykhin
 
RESTful Web APIs – Mike Amundsen, Principal API Architect, Layer 7
RESTful Web APIs – Mike Amundsen, Principal API Architect, Layer 7RESTful Web APIs – Mike Amundsen, Principal API Architect, Layer 7
RESTful Web APIs – Mike Amundsen, Principal API Architect, Layer 7CA API Management
 
Best Practices in Web Service Design
Best Practices in Web Service DesignBest Practices in Web Service Design
Best Practices in Web Service DesignLorna Mitchell
 
Hypermedia APIs
Hypermedia APIsHypermedia APIs
Hypermedia APIsPaulo Gandra de Sousa
 
LAJUG Napster REST API
LAJUG Napster REST APILAJUG Napster REST API
LAJUG Napster REST APIstephenbhadran
 
SharePoint Data Anywhere and Everywhere by Chris Beckett - SPTechCon
SharePoint Data Anywhere and Everywhere by Chris Beckett - SPTechConSharePoint Data Anywhere and Everywhere by Chris Beckett - SPTechCon
SharePoint Data Anywhere and Everywhere by Chris Beckett - SPTechConSPTechCon
 
RESTful services
RESTful servicesRESTful services
RESTful servicesgouthamrv
 
Web development with ASP.NET Web API
Web development with ASP.NET Web APIWeb development with ASP.NET Web API
Web development with ASP.NET Web APIDamir Dobric
 
HTML5 Server Sent Events/JSF JAX 2011 Conference
HTML5 Server Sent Events/JSF JAX 2011 ConferenceHTML5 Server Sent Events/JSF JAX 2011 Conference
HTML5 Server Sent Events/JSF JAX 2011 ConferenceRoger Kitain
 
REST & RESTful Web Services
REST & RESTful Web ServicesREST & RESTful Web Services
REST & RESTful Web ServicesHalil Burak Cetinkaya
 
Servletarchitecture,lifecycle,get,post
Servletarchitecture,lifecycle,get,postServletarchitecture,lifecycle,get,post
Servletarchitecture,lifecycle,get,postvamsi krishna
 
Survey of restful web services frameworks
Survey of restful web services frameworksSurvey of restful web services frameworks
Survey of restful web services frameworksVijay Prasad Gupta
 
Vaadin - Rich Web Applications in Server-side Java without Plug-ins or JavaSc...
Vaadin - Rich Web Applications in Server-side Java without Plug-ins or JavaSc...Vaadin - Rich Web Applications in Server-side Java without Plug-ins or JavaSc...
Vaadin - Rich Web Applications in Server-side Java without Plug-ins or JavaSc...Joonas Lehtinen
 
Standards of rest api
Standards of rest apiStandards of rest api
Standards of rest apiMaýur Chourasiya
 
Websphere interview Questions
Websphere interview QuestionsWebsphere interview Questions
Websphere interview Questionsgummadi1
 
Introduction to spring social - illustrated in the Europe PMC project
Introduction to spring social - illustrated in the Europe PMC projectIntroduction to spring social - illustrated in the Europe PMC project
Introduction to spring social - illustrated in the Europe PMC projectyucigou
 
Going Social: What You Need to Know to Launch a Social Media Strategy
Going Social: What You Need to Know to Launch a Social Media StrategyGoing Social: What You Need to Know to Launch a Social Media Strategy
Going Social: What You Need to Know to Launch a Social Media StrategyJim Rattray
 

Mais conteúdo relacionado

Mais procurados

REST Architecture with use case and example
REST Architecture with use case and exampleREST Architecture with use case and example
REST Architecture with use case and exampleShailesh singh
 
Web Center Services and Framework
Web Center Services and FrameworkWeb Center Services and Framework
Web Center Services and FrameworkJaime Cid
 
Server-Side Programming Primer
Server-Side Programming PrimerServer-Side Programming Primer
Server-Side Programming PrimerIvano Malavolta
 
Representational State Transfer
Representational State TransferRepresentational State Transfer
Representational State TransferAlexei Skachykhin
 
RESTful Web APIs – Mike Amundsen, Principal API Architect, Layer 7
RESTful Web APIs – Mike Amundsen, Principal API Architect, Layer 7RESTful Web APIs – Mike Amundsen, Principal API Architect, Layer 7
RESTful Web APIs – Mike Amundsen, Principal API Architect, Layer 7CA API Management
 
Best Practices in Web Service Design
Best Practices in Web Service DesignBest Practices in Web Service Design
Best Practices in Web Service DesignLorna Mitchell
 
LAJUG Napster REST API
LAJUG Napster REST APILAJUG Napster REST API
LAJUG Napster REST APIstephenbhadran
 
SharePoint Data Anywhere and Everywhere by Chris Beckett - SPTechCon
SharePoint Data Anywhere and Everywhere by Chris Beckett - SPTechConSharePoint Data Anywhere and Everywhere by Chris Beckett - SPTechCon
SharePoint Data Anywhere and Everywhere by Chris Beckett - SPTechConSPTechCon
 
RESTful services
RESTful servicesRESTful services
RESTful servicesgouthamrv
 
Web development with ASP.NET Web API
Web development with ASP.NET Web APIWeb development with ASP.NET Web API
Web development with ASP.NET Web APIDamir Dobric
 
HTML5 Server Sent Events/JSF JAX 2011 Conference
HTML5 Server Sent Events/JSF JAX 2011 ConferenceHTML5 Server Sent Events/JSF JAX 2011 Conference
HTML5 Server Sent Events/JSF JAX 2011 ConferenceRoger Kitain
 
Servletarchitecture,lifecycle,get,post
Servletarchitecture,lifecycle,get,postServletarchitecture,lifecycle,get,post
Servletarchitecture,lifecycle,get,postvamsi krishna
 
Survey of restful web services frameworks
Survey of restful web services frameworksSurvey of restful web services frameworks
Survey of restful web services frameworksVijay Prasad Gupta
 
Vaadin - Rich Web Applications in Server-side Java without Plug-ins or JavaSc...
Vaadin - Rich Web Applications in Server-side Java without Plug-ins or JavaSc...Vaadin - Rich Web Applications in Server-side Java without Plug-ins or JavaSc...
Vaadin - Rich Web Applications in Server-side Java without Plug-ins or JavaSc...Joonas Lehtinen
 
Websphere interview Questions
Websphere interview QuestionsWebsphere interview Questions
Websphere interview Questionsgummadi1
 

Mais procurados (20)

REST Architecture with use case and example
REST Architecture with use case and exampleREST Architecture with use case and example
REST Architecture with use case and example
 
REST API Design
REST API DesignREST API Design
REST API Design
 
Web Center Services and Framework
Web Center Services and FrameworkWeb Center Services and Framework
Web Center Services and Framework
 
Restful webservices
Restful webservicesRestful webservices
Restful webservices
 
Server-Side Programming Primer
Server-Side Programming PrimerServer-Side Programming Primer
Server-Side Programming Primer
 
Representational State Transfer
Representational State TransferRepresentational State Transfer
Representational State Transfer
 
RESTful Web APIs – Mike Amundsen, Principal API Architect, Layer 7
RESTful Web APIs – Mike Amundsen, Principal API Architect, Layer 7RESTful Web APIs – Mike Amundsen, Principal API Architect, Layer 7
RESTful Web APIs – Mike Amundsen, Principal API Architect, Layer 7
 
Best Practices in Web Service Design
Best Practices in Web Service DesignBest Practices in Web Service Design
Best Practices in Web Service Design
 
Hypermedia APIs
Hypermedia APIsHypermedia APIs
Hypermedia APIs
 
LAJUG Napster REST API
LAJUG Napster REST APILAJUG Napster REST API
LAJUG Napster REST API
 
SharePoint Data Anywhere and Everywhere by Chris Beckett - SPTechCon
SharePoint Data Anywhere and Everywhere by Chris Beckett - SPTechConSharePoint Data Anywhere and Everywhere by Chris Beckett - SPTechCon
SharePoint Data Anywhere and Everywhere by Chris Beckett - SPTechCon
 
RESTful services
RESTful servicesRESTful services
RESTful services
 
Web development with ASP.NET Web API
Web development with ASP.NET Web APIWeb development with ASP.NET Web API
Web development with ASP.NET Web API
 
HTML5 Server Sent Events/JSF JAX 2011 Conference
HTML5 Server Sent Events/JSF JAX 2011 ConferenceHTML5 Server Sent Events/JSF JAX 2011 Conference
HTML5 Server Sent Events/JSF JAX 2011 Conference
 
REST & RESTful Web Services
REST & RESTful Web ServicesREST & RESTful Web Services
REST & RESTful Web Services
 
Servletarchitecture,lifecycle,get,post
Servletarchitecture,lifecycle,get,postServletarchitecture,lifecycle,get,post
Servletarchitecture,lifecycle,get,post
 
Survey of restful web services frameworks
Survey of restful web services frameworksSurvey of restful web services frameworks
Survey of restful web services frameworks
 
Vaadin - Rich Web Applications in Server-side Java without Plug-ins or JavaSc...
Vaadin - Rich Web Applications in Server-side Java without Plug-ins or JavaSc...Vaadin - Rich Web Applications in Server-side Java without Plug-ins or JavaSc...
Vaadin - Rich Web Applications in Server-side Java without Plug-ins or JavaSc...
 
Standards of rest api
Standards of rest apiStandards of rest api
Standards of rest api
 
Websphere interview Questions
Websphere interview QuestionsWebsphere interview Questions
Websphere interview Questions
 

Destaque

Introduction to spring social - illustrated in the Europe PMC project
Introduction to spring social - illustrated in the Europe PMC projectIntroduction to spring social - illustrated in the Europe PMC project
Introduction to spring social - illustrated in the Europe PMC projectyucigou
 
Going Social: What You Need to Know to Launch a Social Media Strategy
Going Social: What You Need to Know to Launch a Social Media StrategyGoing Social: What You Need to Know to Launch a Social Media Strategy
Going Social: What You Need to Know to Launch a Social Media StrategyJim Rattray
 
ALL PATIENTS NEEDING OVERSEAS OR EFMP CLEARANCE FOR PCS MUST COMPLETE THE ATT...
ALL PATIENTS NEEDING OVERSEAS OR EFMP CLEARANCE FOR PCS MUST COMPLETE THE ATT...ALL PATIENTS NEEDING OVERSEAS OR EFMP CLEARANCE FOR PCS MUST COMPLETE THE ATT...
ALL PATIENTS NEEDING OVERSEAS OR EFMP CLEARANCE FOR PCS MUST COMPLETE THE ATT...20 MDG Facebook
 
Socializing your application ( Facebook )
Socializing your application ( Facebook )Socializing your application ( Facebook )
Socializing your application ( Facebook )Sandip Jadhav
 

Destaque (6)

Introduction to spring social - illustrated in the Europe PMC project
Introduction to spring social - illustrated in the Europe PMC projectIntroduction to spring social - illustrated in the Europe PMC project
Introduction to spring social - illustrated in the Europe PMC project
 
Going Social: What You Need to Know to Launch a Social Media Strategy
Going Social: What You Need to Know to Launch a Social Media StrategyGoing Social: What You Need to Know to Launch a Social Media Strategy
Going Social: What You Need to Know to Launch a Social Media Strategy
 
ALL PATIENTS NEEDING OVERSEAS OR EFMP CLEARANCE FOR PCS MUST COMPLETE THE ATT...
ALL PATIENTS NEEDING OVERSEAS OR EFMP CLEARANCE FOR PCS MUST COMPLETE THE ATT...ALL PATIENTS NEEDING OVERSEAS OR EFMP CLEARANCE FOR PCS MUST COMPLETE THE ATT...
ALL PATIENTS NEEDING OVERSEAS OR EFMP CLEARANCE FOR PCS MUST COMPLETE THE ATT...
 
Social Spring
Social SpringSocial Spring
Social Spring
 
Spring social
Spring socialSpring social
Spring social
 
Socializing your application ( Facebook )
Socializing your application ( Facebook )Socializing your application ( Facebook )
Socializing your application ( Facebook )
 

Semelhante a Spring Social - Messaging Friends & Influencing People

oauth-for-credentials-security-in-rest-api-access
oauth-for-credentials-security-in-rest-api-accessoauth-for-credentials-security-in-rest-api-access
oauth-for-credentials-security-in-rest-api-accessidsecconf
 
Secure your app with keycloak
Secure your app with keycloakSecure your app with keycloak
Secure your app with keycloakGuy Marom
 
Linkedin & OAuth
Linkedin & OAuthLinkedin & OAuth
Linkedin & OAuthUmang Goyal
 
OpenID vs OAuth - Identity on the Web
OpenID vs OAuth - Identity on the WebOpenID vs OAuth - Identity on the Web
OpenID vs OAuth - Identity on the WebRichard Metzler
 
Stateless Auth using OAuth2 & JWT
Stateless Auth using OAuth2 & JWTStateless Auth using OAuth2 & JWT
Stateless Auth using OAuth2 & JWTGaurav Roy
 
Spring4 security oauth2
Spring4 security oauth2Spring4 security oauth2
Spring4 security oauth2axykim00
 
Understanding Identity in the World of Web APIs – Ronnie Mitra, API Architec...
Understanding Identity in the World of Web APIs – Ronnie Mitra, API Architec...Understanding Identity in the World of Web APIs – Ronnie Mitra, API Architec...
Understanding Identity in the World of Web APIs – Ronnie Mitra, API Architec...CA API Management
 
Mobile Authentication - Onboarding, best practices & anti-patterns
Mobile Authentication - Onboarding, best practices & anti-patternsMobile Authentication - Onboarding, best practices & anti-patterns
Mobile Authentication - Onboarding, best practices & anti-patternsPieter Ennes
 
Getting Started with Globus for Developers
Getting Started with Globus for DevelopersGetting Started with Globus for Developers
Getting Started with Globus for DevelopersGlobus
 
Web API 2 Token Based Authentication
Web API 2 Token Based AuthenticationWeb API 2 Token Based Authentication
Web API 2 Token Based Authenticationjeremysbrown
 
Stateless Auth using OAUTH2 & JWT
Stateless Auth using OAUTH2 & JWTStateless Auth using OAUTH2 & JWT
Stateless Auth using OAUTH2 & JWTMobiliya
 
Oauth2 and OWSM OAuth2 support
Oauth2 and OWSM OAuth2 supportOauth2 and OWSM OAuth2 support
Oauth2 and OWSM OAuth2 supportGaurav Sharma
 
Securing SharePoint Apps with OAuth
Securing SharePoint Apps with OAuthSecuring SharePoint Apps with OAuth
Securing SharePoint Apps with OAuthKashif Imran
 
Spring4 security oauth2
Spring4 security oauth2Spring4 security oauth2
Spring4 security oauth2Sang Shin
 
Developing Apps with Azure AD
Developing Apps with Azure ADDeveloping Apps with Azure AD
Developing Apps with Azure ADSharePointRadi
 
Adding Identity Management and Access Control to your Application - Exersices
Adding Identity Management and Access Control to your Application - ExersicesAdding Identity Management and Access Control to your Application - Exersices
Adding Identity Management and Access Control to your Application - ExersicesÁlvaro Alonso González
 
.NET Core, ASP.NET Core Course, Session 19
.NET Core, ASP.NET Core Course, Session 19 .NET Core, ASP.NET Core Course, Session 19
.NET Core, ASP.NET Core Course, Session 19aminmesbahi
 
Rest api titouan benoit
Rest api titouan benoitRest api titouan benoit
Rest api titouan benoitTitouan BENOIT
 

Semelhante a Spring Social - Messaging Friends & Influencing People (20)

oauth-for-credentials-security-in-rest-api-access
oauth-for-credentials-security-in-rest-api-accessoauth-for-credentials-security-in-rest-api-access
oauth-for-credentials-security-in-rest-api-access
 
Secure your app with keycloak
Secure your app with keycloakSecure your app with keycloak
Secure your app with keycloak
 
Linkedin & OAuth
Linkedin & OAuthLinkedin & OAuth
Linkedin & OAuth
 
OpenID vs OAuth - Identity on the Web
OpenID vs OAuth - Identity on the WebOpenID vs OAuth - Identity on the Web
OpenID vs OAuth - Identity on the Web
 
Api security
Api security Api security
Api security
 
Stateless Auth using OAuth2 & JWT
Stateless Auth using OAuth2 & JWTStateless Auth using OAuth2 & JWT
Stateless Auth using OAuth2 & JWT
 
Spring4 security oauth2
Spring4 security oauth2Spring4 security oauth2
Spring4 security oauth2
 
Understanding Identity in the World of Web APIs – Ronnie Mitra, API Architec...
Understanding Identity in the World of Web APIs – Ronnie Mitra, API Architec...Understanding Identity in the World of Web APIs – Ronnie Mitra, API Architec...
Understanding Identity in the World of Web APIs – Ronnie Mitra, API Architec...
 
Mobile Authentication - Onboarding, best practices & anti-patterns
Mobile Authentication - Onboarding, best practices & anti-patternsMobile Authentication - Onboarding, best practices & anti-patterns
Mobile Authentication - Onboarding, best practices & anti-patterns
 
Getting Started with Globus for Developers
Getting Started with Globus for DevelopersGetting Started with Globus for Developers
Getting Started with Globus for Developers
 
Web API 2 Token Based Authentication
Web API 2 Token Based AuthenticationWeb API 2 Token Based Authentication
Web API 2 Token Based Authentication
 
Stateless Auth using OAUTH2 & JWT
Stateless Auth using OAUTH2 & JWTStateless Auth using OAUTH2 & JWT
Stateless Auth using OAUTH2 & JWT
 
Oauth2 and OWSM OAuth2 support
Oauth2 and OWSM OAuth2 supportOauth2 and OWSM OAuth2 support
Oauth2 and OWSM OAuth2 support
 
Securing SharePoint Apps with OAuth
Securing SharePoint Apps with OAuthSecuring SharePoint Apps with OAuth
Securing SharePoint Apps with OAuth
 
Spring4 security oauth2
Spring4 security oauth2Spring4 security oauth2
Spring4 security oauth2
 
Developing Apps with Azure AD
Developing Apps with Azure ADDeveloping Apps with Azure AD
Developing Apps with Azure AD
 
Adding Identity Management and Access Control to your Application - Exersices
Adding Identity Management and Access Control to your Application - ExersicesAdding Identity Management and Access Control to your Application - Exersices
Adding Identity Management and Access Control to your Application - Exersices
 
.NET Core, ASP.NET Core Course, Session 19
.NET Core, ASP.NET Core Course, Session 19 .NET Core, ASP.NET Core Course, Session 19
.NET Core, ASP.NET Core Course, Session 19
 
Rest api titouan benoit
Rest api titouan benoitRest api titouan benoit
Rest api titouan benoit
 
Oauth2.0
Oauth2.0Oauth2.0
Oauth2.0
 

Último

Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 

Último (20)

Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 

Spring Social - Messaging Friends & Influencing People

  • 1. Spring Social Messaging Friends & Influencing People ETE 2011 Apr 27-28, 2011
  • 2. Who Am I? • Instructor/Mentor • Active Tweeter for Open Source Tech Topics twitter.com/gdickens • Certified Instructor for • DZone Most Valuable Blogger dzone.com/page/mvbs – dzone.com/user/284679 Technophile Blog - technophile.gordondickens.com 2
  • 3. Agenda • Spring & REST • Spring Social • Security with OAuth • Spring Mobile • Spring Android • Spring iPhone • Spring Greenhouse 3
  • 4. Social & Mobile Projects • Spring Social • Spring Mobile • Spring Android • Spring Greenhouse 4
  • 5. What is Spring Social? • Allow ourapps to interact with 5
  • 6. Simple Twitter TwitterTemplatetwitterTemplate = new TwitterTemplate(); List<String> friends = twitterTemplate.getFriends("chariotsolution"); for (String friend : friends) { logger.debug("Friend: {}”, friend); } 6
  • 7. What is TwitterTemplate? • One of the Provider Specific Templates • A convenience class • Implements TwitterApi • Wraps RESTful calls to Twitter –Using Spring 3 RestTemplate • OAuth support – provider specific 7
  • 9. REST& Social Media • Search Twitter with RestTemplate RestTemplaterestTemplate= new RestTemplate(); String search= "#phillyete"; String results = restTemplate.getForObject( "http://search.twitter.com/search.json?q={sea rch}",String.class, search); Note: All the cool kids are using REST 9
  • 10. Who is using REST? 10
  • 11. Spring REST • Added in Spring 3.0 • RestTemplate – Client side • Spring MVC – Server side – <mvc:annotation-driven/> – Annotations – Content Negotiation – Web page support for PUT & DELETE • HiddenHttpMethodFilter 11
  • 12. <mvc:annotation-driven/> • Validation – JSR-303 • Formatting – Annotated Field Formatters • Conversion – JSON – XML – ATOM/RSS – JodaTime – Custom Conversion (MyBean1 to/from MyBean2) 12
  • 13. Spring REST Annotations • @RequestMapping • @RequestHeader – Method for URL Path – Value in Req Header • @PathVariable • @ResponseStatus – Var in URL path “/{myVar}” – Http Codes on success • @RequestParam • @ExceptionHandler – Parameter – Methods by exception “/myurl/?myVar=abc” • @ModelAttribute • @RequestBody – Returning result into model – Unmarshal into bean • @ResponseBody – Marshal into bean 13
  • 14. Spring REST Annotations @Controller public class TwitterTimelineController { ... @RequestMapping(value="/twitter/timeline/{timelineType}", method=RequestMethod.GET) public String showTimeline(@PathVariable("timelineType") String timelineType, Model model) { TwitterApi twitterApi = getTwitterApi(); if (timelineType.equals("Home")) { model.addAttribute("timeline", twitterApi.timelineOperations().getHomeTimeline()); } else if(timelineType.equals("Public")) { model.addAttribute("timeline", twitterApi.timelineOperations().getPublicTimeline()); ... } model.addAttribute("timelineName", timelineType); return "twitter/timeline"; } 14
  • 15. Content Negotiating • ContentNegotiatingViewResolver –Client requests format of data –“Accept” header –“format” parameter –URL extension –Java Activation Framework 15
  • 16. Templates to the Rescue • Template for each Social Media Provider – TwitterTemplate, LinkedInTemplate, etc. • Provider Specific – Authentication Support – API methods • For other providers: – Roll your own – RestTemplate is our friend 16
  • 17. Template API Calls • Most calls require authentication –Some trivial calls do not need auth • Authentication –Provider side –Secured with OAuth 17
  • 18. Authenticating “An open protocol to allow secure API authorization in a simple and standard method from desktop to web applications.” http://oauth.net code.google.com/p/oauth/ 18
  • 19. OAuth Participants • Client Client – Our app – Wants to access serverto Access Wants • Server Server – With whom we want to connect – May not be the provider • Service Provider – Provides authentication S.P. I verify credentials 19
  • 20. OAuth Flavors • 1.0a –More complex • 2.0 20
  • 21. OAuth Safety Dance 1. App asks for a request token • OAuth 1.0a - w callback URL 2. Provider issues a request token 3. App redirects user to provider's auth page • passes request token • OAuth 1.0a – w callback URL 4. Provider prompts to authorize 5. Provider redirects user back to app • OAuth 1.0a – w verifier code 6. App exchanges request token for access to • OAuth 1.0a - also w verifier code 7. Provider issues access token 8. App uses the access token • App now obtains a ref to the Service API • interacts with provider on behalf of the user 21
  • 22. Twitter Auth Steps 1. ApiKey- Redirect user to provider auth page 2. User authenticates themselves 3. User authorizes our app to act on their behalf 4. User redirected to our site w/RequestToken &VerificationCode 5. RequestToken &VerificationCode, get AccessToken 6. Interact w/ provider using ApiKey &AccessToken 22
  • 23. Template & OAuth Summary • Provider specific template • OAuth support within template • How do we manage provider login and credential storage? We need CPR! 23
  • 24. Spring CPR • Connect Controller TwitterController – Connection to Service Provider • Service Provider TwitterServiceProvider – Twitter, LinkedIn, etc. • Connection Repository ConnectionRepository – Storage for Connection Details 24
  • 27. CPR - Controller <bean class=”o.sf.social.web.connect.ConnectController"> <constructor-arg value="${application.url}”/> </bean> • application.url – Base secure URL for this application – used to construct the callback URL – passed to the service providers 27
  • 28. CPR - Provider <bean class=”o.sf.social.twitter.connect.TwitterServiceProvider"> <constructor-arg value="${twitter.appId}" /> <constructor-arg value="${twitter.appSecret}" /> <constructor-arg ref="connectionRepository" /> </bean> • twitter.appId – ApiKey assigned to app by provider • twitter.appSecret – VerifierCode returned by provider 28
  • 29. CPR - Repository <bean id="connectionRepository" class=”o.sf.social.connect.jdbc.JdbcConnectionRepository"> <constructor-arg ref="dataSource" /> create table Connection ( <constructor-arg ref="textEncryptor" /> id identity, </bean> accountId varchar not null, providerId varchar not null, accessToken varchar not null, secret varchar, refreshToken varchar, • textEncryptor providerAccountId varchar, primary key (id)); – interface for symmetric encryption of text strings 29
  • 30. Greenhouse: RI app suite • Spring Greenhouse (RI) • Web App – Group Event Management – Environment-specific Beans and Profiles – Password Encoding &Data Encryption • Social Media – Integration – Authentication • Mobile Apps – Android – iPhone 30
  • 31. Greenhouse: Social & Mobile • Spring Social – App Framework – Service Provider Framework • Twitter, Facebook, LinkedIn & TripIt – Sign Up, Sign In & Password Reset – Member Invite – Badge System • Spring Mobile – iPhone Client – Android Client – Mobile web version for other smartphone platforms 31
  • 32. Spring Mobile • Server Side • Spring MVC Extension • Key Facets: 1. Mobile Device Detection 2. Site Preference Management 3. Site Switching 32
  • 33. Mobile Detection in MVC • DeviceResolver – Inspects inbound HttpRequest – “User-Agent” header – Default Analysis: ”Mobile device client?” • More sophisticated resolvers identify – screen size – manufacturer – model • DeviceResolverHandlerInterceptor – preferred markup – LiteDeviceResolver (default) • Based on Wordpress Lite Algorithm • Part of Wordpress Mobile Pack(wpmp) – Plug in another for specific features • WurflDeviceResolver (Java API) 33
  • 34. MVC Configuration • Handler Interceptor <mvc:interceptors> <!– Resolve device on pre-handle --> <bean class=”o.sf.mobile.device.DeviceResolverHandlerInterceptor”/> </mvc:interceptors> • Enable Device for Controller Methods <mvc:annotation-driven> <mvc:argument-resolvers> <bean class=”o.sf.mobile.device.DeviceWebArgumentResolver”/> </mvc:argument-resolvers> </mvc:annotation-driven> • Inject Device @Controller public class MyController { … @RequestMapping("/”) public void sayHi(Device device) { if (device.isMobile()) logger.info("Hello mobile user!"); 34
  • 35. Greenhouse CPR • AnnotatedControllerConfig – DeviceResolverHandlerInterceptor – DeviceHandlerMethodArgumentResolver – FacebookHandlerMethodArgumentResolver 35
  • 37. Preference Management • App supporting multiple sites –“mobile” –“normal” • Allow user to switch • SitePreferenceHandler interface • SitePreferenceWebArgumentResolver • CookieSitePreferenceRepository 37
  • 38. MVC Pref Config • Enable SitePreference support <mvc:annotation-driven> <mvc:argument-resolvers> <bean class=”o.sf.mobile.device.DeviceWebArgumentResolver" /> <bean class=”o.sf.mobile.device.site.SitePreferenceWebArgumentResolver" /> </mvc:argument-resolvers> </mvc:annotation-driven> • Inject into Controller Methods @Controller public class MyController { @RequestMapping("/”) public String home(SitePreference sitePreference, Model model) { if (sitePreference == SitePreference.MOBILE) { … 38
  • 39. Site Switching • Hosting mobile site different location • SiteSwitcherHandlerInterceptor • mDot m.${serverName} • dotMobi ${serverName}.mobi 39
  • 40. Spring Android • Client tools • Http Components • RestTemplate • Object to JSON Marshaling • Object to XML Marshaling • RSS and Atom Support • Greenhouse app in Android market – https://market.android.com/details?id=com.springsource.greenho use 40
  • 41. Spring iPhone • Greenhouse for iPhone client • Download & Install the iOS SDK • Project source code from the git – git clone git://git.springsource.org/greenhouse/iphone.git • Open the Greenhouse.xcodeproj in Xcode • Expects Greenhouse web app running locally • Greenhouse App in iTunes – http://itunes.apple.com/us/app/greenhouse/id395862873?mt=8 41
  • 42. Spring Social Showcase • Twitter, Facebook, TripIt • MVC Application • CPR configuration 42
  • 43. Summary • Spring Social • App collaboration with SM Sites • Security through OAuth • Spring REST • Significant for Social & Mobile • RestTemplate Rules! • Spring Mobile – MVC Support for Mobile Devices • Spring Android – Client Tools, based on RestTemplate 43
  • 44. Q& F • Questions? • Followup – Learn REST… – Spring Social Showcase – Spring Greenhouse • Contact me – technophile.gordondickens.com – gordon@gordondickens.com 44

Notas do Editor

  1. Demo Here – Simple JUnit Test
  2. OAuth Core 1.0 Revision A was created to address a session fixation attack identified in the OAuth Core 1.0 specification as detailed in http://oauth.net/advisories/2009-1.
  3. Request TokenVerifier Code - The OAuth Verifier is a verification code tied to the Request Token. The OAuth Verifier and Request Token both must be provided in exchange for an Access Token. They also both expire together.