GETTING STARTED OAUTH2.0
AS CONSUMER

OAuth2 allows secure API authentication over HTTPS.

The mydigitalstructure onDemand service lets you access OAuth2-based web services simply, making sure your application keys stay protected in the model and are not exposed to the client.

You can effectively extend the mydigitalstructure organisational model and thus the number of use cases, under the service oriented architecture.

A key service that supports OAuth2 is facebook.

About OAuth2


FACEBOOK EXAMPLE

Get a user's details.

Assumptions:

You have a facebook account.

Example Steps as structure administrator (once only):

1 On the facebook service you first need to do a once off Application registration - this is effectively giving permission for 3rd party applications to request access to your facebook account.

Create a new app in facebook
 
2 The application will set up 2 keys for you:
# Consumer key
# Consumer secret

You then need to use:

/ondemand/setup/?method=SETUP_URL_MANAGE&type=8&urllogon=[Consumer key]&urlpassword=[Consumer secret]&private=N&title=facebook

These application credentials will be used automatically when requesting a user access token in the following steps.

Example Steps as a user giving permission (once only per user):

You can now request a token (which is done in 3 phases). 

1 Request an application level code:

/ondemand/network/?method=NETWORK_OAUTH2_REQUEST_CODE&type=8

You will be returned a parameter: authenticateurl - you need to redirect to this URL.  At this point you need to add the scope of your request for access eg for access to news stream add: &scope=read_stream

Facebook will then call back to the url you specified when setting up the application and as supplied in the NETWORK_OAUTH2_REQUEST_CODE call as &urlcallback=

You will get back a parameter in the query string that you need to extract:
# code

It will be used in phase 2, next.

2 Requesting the user access token

/ondemand/network/?method=NETWORK_OAUTH2_METHOD&type=8&code=[code]&remember=1

This gets back the access_token for the user and saves it against their account for future use.

3 Getting user details on facebook:

/ondemand/network/?method=NETWORK_OAUTH2_METHOD&type=8&token=1
&urlendpoint=https://graph.facebook.com/me

Getting list of other links

/ondemand/network/?method=NETWORK_OAUTH2_METHOD&type=8&token=1
&urlendpoint=https://graph.facebook.com/[id]?metadata=1


Getting news feed

/ondemand/network/?method=NETWORK_OAUTH2_METHOD&type=8&token=1
&urlendpoint=https://graph.facebook.com/[id]/feed


Getting home page / stream


You need to add &scope=read_stream to the url returned in step 1 for this to work.

/ondemand/network/?method=NETWORK_OAUTH2_METHOD&type=8&token=1
&urlendpoint=https://graph.facebook.com/[id]/home 

4 You can use any method with the Facebook REST API
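
Added example (not part of the original page and not mydigitalstructure code): building the three phase requests above so that the code from the callback and a urlendpoint with its own query string are percent-encoded and cannot be read as extra onDemand parameters. The function names, the host allowlist and the sample URLs are assumptions; it also assumes the service decodes query parameters in the standard way.

```javascript
// Added example, not mydigitalstructure code. Method names, type=8 and the
// parameter names come from the steps above; everything else is constructed.
const ONDEMAND = '/ondemand/network/?';

// Phase 1: add the scope to the returned authenticateurl before redirecting.
function addScope(authenticateUrl, scope) {
  const url = new URL(authenticateUrl);
  if (url.protocol !== 'https:') throw new Error('authenticateurl is not https');
  url.searchParams.set('scope', scope);
  return url.toString();
}

// Callback: extract the code from the query string; stop if access was refused
// (OAuth2 reports a refusal in an "error" parameter instead of a code).
function extractCode(callbackUrl) {
  const params = new URL(callbackUrl).searchParams;
  if (params.has('error')) {
    throw new Error('authorisation refused: ' + params.get('error'));
  }
  const code = params.get('code');
  if (!code) throw new Error('callback carries no code parameter');
  return code; // percent-decoded by URLSearchParams
}

// Phase 2: exchange the code. URLSearchParams re-encodes it, so characters
// such as + / = in the code survive the trip unchanged.
function tokenRequest(code) {
  return ONDEMAND + new URLSearchParams({
    method: 'NETWORK_OAUTH2_METHOD', type: '8', code, remember: '1',
  }).toString();
}

// Phase 3: call an endpoint with the stored token (token=1). The allowlist is
// an assumption of this example: it keeps stored-token requests to the host
// used in the steps above. Encoding urlendpoint keeps its own ?a=1&b=2 from
// being parsed as onDemand parameters (for example a second type=).
function endpointRequest(urlendpoint, allowedHosts = ['graph.facebook.com']) {
  const target = new URL(urlendpoint);
  if (target.protocol !== 'https:' || !allowedHosts.includes(target.hostname)) {
    throw new Error('refusing endpoint ' + target.origin);
  }
  return ONDEMAND + new URLSearchParams({
    method: 'NETWORK_OAUTH2_METHOD', type: '8', token: '1',
    urlendpoint: target.href,
  }).toString();
}
```
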

 

 

 

BUSINESS GRAPH

Graph theory is the theory of links and nodes and how they interconnect, so a “graph” represents these links. On facebook.com, the links to friends represent your social graph.

The links between contacts, invoices etc are an organisation's “business graph”.


 

OPEN GRAPH

The Open Graph protocol enables any web page to become a rich object in a social graph.
