This document was uploaded by user and they confirmed that they have the permission to share
it. If you are author or own the copyright of this book, please report to us by using this DMCA
report form. Report DMCA
• Google Data Protocol - APP, XML, REST, HTTP - under the hood: raw protocol demo
• Authentication …because private data is more interesting
• AJAX Search APIs • Questions & Answers
LIVE Demos!
Demos - PHP YouTube vs JSON YouTube YouTube Video Browser (PHP) APIs: YouTube Data API PHP client library http://www.googlecodesamples.com/youtube/php/YouTubeVideoBrowser/
YouTube Video Browser (JSON) APIs: YouTube Data API JavaScript (alt=json-in-script) http://www.googlecodesamples.com/youtube/js/YouTubeVideoBrowser/
Demos – Book Search Data API Book Search Browser APIs: Book Search Data API PHP client library, JavaScript http://www.googlecodesamples.com/books/php/BooksBrowser/
Demos – Google Data Gadgets Blogger Gadget APIs: Blogger Data API, OAuth, OpenSocial JavaScript client library http://gdata-samples.googlecode.com/svn/trunk/gadgets/blogger/blogger_gadget.xml
Google Data Protocol
Protocol - Atom Syndication Format Feeds and Entries … …… <entry> http://picasaweb…/entry/…albumid/51418412008-05-08T04:15:41.000ZApp Engine Hackathon NY <entry>… <entry>…
Protocol - HTTP Communication
Create POST /calendar/feeds/default/allcalendars/full 201 Created
Retrieve GET /calendar/feeds/default/allcalendars/full 200 OK
Update PUT /calendar/feeds/default/allcalendars/full/{ID} 200 OK
Delete DELETE /calendar/feeds/default/allcalendars/full/{ID} 200 OK
Protocol - HTTP Status Codes
200 201 304 400 401 403 404 409 500
OK CREATED NOT MODIFIED BAD REQUEST UNAUTHORIZED FORBIDDEN NOT FOUND CONFLICT INTERNAL SERVER ERROR
Protocol - Google Data API Extensions • Extended data model , , <media:thumbnail> Feature
• Batch operations • Authentication - ClientLogin - desktop apps - AuthSub - web apps - OAuth - open standard
Authentication - Overview Problems: Authentication is difficult • Private resources • Security considerations Solution: Let Google handle it! • Authorization not Authentication • Tokens not credentials • User grants/denies access to their private data
Authentication - ClientLogin • Installed/desktop applications • Username/password • Access to a single service • Tokens expire in ~2 weeks • CAPTCHAs POST /accounts/ClientLogin HTTP/1.0 Content-type: application/x-www-form-urlencoded accountType=HOSTED_OR_GOOGLE [email protected] &Passwd=pa$$word &service=cl &source=Google-CalExample-v1.0
Authentication - AuthSub • Web applications • Authorization - your website Google your website
• Tokens - single-use or multiple-use (never expire) - scoped access to data - revoke tokens manually / programmatically
Authentication - OAuth • Similar to AuthSub - single mode: ALL requests must be signed
• Web applications • Open standard - growing in popularity (Yahoo, MySpace, AOL) - open source libraries available: oauth.net - reuse authentication code from another project
Protocol demonstration
Protocol demonstration - OAuth Playground
OAuth Playground 1. 2. 3. 4. 5.
Authorization to the Contacts Data API GET retrieving a user’s contacts POST create a new contact entry PUT update the entry DELETE remove the contact
AJAX Search APIs – Basic Example <script src="http://www.google.com/jsapi?key=ABQIBX..."> <script type="text/javascript"> google.load('search', '1', {'language' : 'ru'}); function initialize() { var gSearch = new google.search.SearchControl(); var options = new google.search.SearcherOptions(); options.setExpandMode( google.search.SearchControl.EXPAND_MODE_OPEN); gSearch.addSearcher(new google.search.WebSearch(), options); gSearch.draw(document.getElementById('searchcontrol')); //gSearch.execute('LOL cats'); // execute search automatically } google.setOnLoadCallback(initialize); …
AJAX Search APIs – Customizations
• Linear or tabbed display var drawOpts = new google.search.DrawOptions(); drawOpts.setDrawMode( google.search.SearchControl.DRAW_MODE_TABBED);
• Choose where results are displayed var options = new google.search.SearcherOptions(); options.setRoot( document.getElementById('somewhere_else')); searchControl.addSearcher( new google.search.WebSearch(), options);
… not just JavaScript - REST, JSON - Examples in Flash, PHP, Java curl --silent --referer http://www.example.com \ "http://ajax.googleapis.com/ajax/services/search/web\ ?v=1.0&q=Beijing%20Olympics"
Questions & Answers
Resources
Google Data APIs: http://code.google.com/apis/gdata/ OAuth Playground and other LIVE samples: http://www.googlecodesamples.com/ AJAX APIs: http://code.google.com/apis/ajax