YQL, Flickr, OAuth, YAP

13,053 views

Published on

A presentation for IDC - 3/31/09 - Israel

Published in: Technology, Sports
  • Be the first to comment

YQL, Flickr, OAuth, YAP

  1. 1. YQL, Flickr, OAuth, YAP Erik Eldridge Yahoo! Developer Network 3/31/09 Photo credit: Marco Bellucci((http://ow.ly/1M0c)
  2. 2. Follow along (or skip ahead) <ul><li>http://slideshare.net/erikeldridge </li></ul>
  3. 3. YQL
  4. 4. YQL is select * from internet <ul><li>Allows you to quickly & simply mashup data from Yahoo! and elsewhere </li></ul><ul><li>Programmatic SQL-like language </li></ul><ul><li>Successor to Yahoo! Pipes </li></ul>
  5. 5. YQL on YDN
  6. 6. YQL console
  7. 7. BOSS-like search
  8. 8. Public data
  9. 9. YQL proxy & frontend
  10. 10. YQL trogdor
  11. 11. HTML to extract
  12. 12. HTML extraction in console
  13. 13. HTML extraction code
  14. 14. RSS extraction
  15. 15. RSS raw
  16. 16. RSS extraction in console
  17. 17. RSS extraction code
  18. 18. RSS extracted
  19. 19. YQL Open Tables
  20. 20. Open table examples
  21. 21. Twitter status Open Table
  22. 22. Twitter status table raw
  23. 23. Twitter status Open Table in action
  24. 24. Resources <ul><li>YQL: http://developer.yahoo.com/yql </li></ul><ul><li>Open Table examples: http://github.com/spullara/yql-tables/tree/master </li></ul><ul><li>PHP: http://php.net </li></ul>
  25. 25. Flickr
  26. 26. Flickr homepage
  27. 27. Flickr API page
  28. 28. Use YQL for public pics
  29. 29. Desc flickr.photos.search
  30. 30. Resolve Flickr username
  31. 31. Request user’s photos in YQL
  32. 32. Use proxy to get data
  33. 33. Catch the data in the client
  34. 34. Output
  35. 35. Flickr API endpoint
  36. 36. Flickr API explorer
  37. 37. Flickr Auth: fetching frob
  38. 38. Flickr auth: fetching token
  39. 39. Flickr auth: making request
  40. 40. Resources <ul><li>Flickr APIs: http://www.flickr.com/services/api/ </li></ul>
  41. 41. OAuth
  42. 42. Overview <ul><li>What is OAuth? </li></ul><ul><li>In general, how do I use it? </li></ul><ul><li>Getting started with Oauth on Yahoo! </li></ul>
  43. 43. OAuth is an open protocol <ul><li>Allows developers to safely access a user’s private data </li></ul><ul><li>Similar to OpenID </li></ul><ul><li>Used to secure HTTP requests </li></ul><ul><li>Credentials given only to trusted sites </li></ul><ul><li>Open alternative to proprietary protocols </li></ul><ul><ul><li>Google’s AuthSub </li></ul></ul><ul><ul><li>AOL’s OpenAuth </li></ul></ul><ul><ul><li>Yahoo’s BBAuth and FlickrAuth </li></ul></ul><ul><ul><li>Facebook’s FacebookAuth </li></ul></ul>
  44. 44. How does a developer use it? <ul><li>Fetch a request token </li></ul><ul><li>Redirect user to authorize with request token </li></ul><ul><li>Fetch and store an access token </li></ul><ul><li>Make signed API requests </li></ul>
  45. 45. For the visually-inclined Your App (the consumer) API (Oauth provider) Your App API Access token Your App API Signed request The user API Authorization Your App API Request token Fetch request token
  46. 46. Yahoo! Oauth diagram <ul><li>http://ow.ly/1KuX </li></ul>
  47. 47. How to get a Yahoo! Oauth API key and secret
  48. 48. The YDN registration form <ul><li>be sure to: </li></ul><ul><ul><li>Select “Web-based” from the drop-down if you want to make a web app </li></ul></ul><ul><ul><li>Request access to “private user data” if you need social data in your app </li></ul></ul>
  49. 49. Successful registration <ul><li>Shows the key and secret used for signing a request </li></ul>
  50. 50. Domain verification <ul><li>For web-based apps, you will need to verify that you own the domain that will be hosting your app </li></ul>
  51. 51. The easiest way to get started is with the Yahoo! PHP SDK <ul><li><?php </li></ul><ul><li>require('yosdk/lib/Yahoo.inc'); </li></ul><ul><li>$key = 'dj0yJmk9b25tMTdCb3NndVc3JmQ9WVdrOWRFRlFXbFJqTkRnbWNHbzlNakV6TmpNMU16TTUmcz1jb25zdW1lcnNlY3JldCZ4PWQ4'; </li></ul><ul><li>$secret = 'ccb100d2ddd70c90e999055311b714db17a35029'; </li></ul><ul><li>$app_id = 'tAPZTc48'; </li></ul><ul><li>$session = YahooSession::requireSession($key, $secret, $app_id); </li></ul><ul><li>$user = $session->getSessionedUser(); </li></ul><ul><li>$title = ' installed this OAuth app'; </li></ul><ul><li>$link = 'http://example.erikeldridge.com/oauth/'; </li></ul><ul><li>$suid = 'update'.time(); </li></ul><ul><li>$user->insertUpdate($suid, $title, $link); </li></ul>
  52. 52. An example update on the Yahoo! profile page
  53. 53. App Updates <ul><li>Updates are distributed across Yahoo! and beyond </li></ul><ul><li>Properties, e.g., Mail, Profiles, Buzz, etc. </li></ul><ul><li>Clients, e.g., Messenger, Toolbar </li></ul><ul><li>Externally through Updates API </li></ul>
  54. 55. The next easiest way is to use one of the freely available libraries
  55. 56. Fetching request token without the Yahoo! PHP SDK <ul><li><?php </li></ul><ul><li>$key = 'dj0yJmk9b25tMTdCb3NndVc3JmQ9WVdrOWRFRlFXbFJqTkRnbWNHbzlNakV6TmpNMU16TTUmcz1jb25zdW1lcnNlY3JldCZ4PWQ4'; </li></ul><ul><li>$secret = 'ccb100d2ddd70c90e999055311b714db17a35029'; </li></ul><ul><li>require('yosdk/lib/OAuth.php'); </li></ul><ul><li>$consumer = new OAuthConsumer($key, $secret);//key/secret from Y! </li></ul><ul><li>$url = 'https://api.login.yahoo.com/oauth/v2/get_request_token'; </li></ul><ul><li>$request = OAuthRequest::from_consumer_and_token($consumer, NULL, 'POST', $url, array()); </li></ul><ul><li>$request->sign_request(new OAuthSignatureMethod_PLAINTEXT(), $consumer, NULL); </li></ul><ul><li>$ch = curl_init($url); </li></ul><ul><li>$options = array( </li></ul><ul><li>CURLOPT_POSTFIELDS => $request->to_postdata(), </li></ul><ul><li>CURLOPT_RETURNTRANSFER => true </li></ul><ul><li>); </li></ul><ul><li>curl_setopt_array($ch, $options); </li></ul><ul><li>parse_str(curl_exec($ch), $resp); </li></ul><ul><li>curl_close($ch); </li></ul><ul><li>$requestToken = new stdclass(); </li></ul><ul><li>$requestToken->key = $resp[&quot;oauth_token&quot;]; </li></ul><ul><li>$requestToken->secret = $resp[&quot;oauth_token_secret&quot;]; </li></ul><ul><li>file_put_contents('token.txt', json_encode($requestToken)); </li></ul><ul><li>$url = sprintf(&quot;https://%s/oauth/v2/request_auth?oauth_token=%s&quot;, </li></ul><ul><li>'api.login.yahoo.com', </li></ul><ul><li>urlencode($requestToken->key) </li></ul><ul><li>); </li></ul><ul><li>echo “go here & authorize: $url”; </li></ul>
  56. 57. Fetching the access token without the Yahoo! PHP SDK, part 1 <ul><li>$key = 'dj0yJmk9b25tMTdCb3NndVc3JmQ9WVdrOWRFRlFXbFJqTkRnbWNHbzlNakV6TmpNMU16TTUmcz1jb25zdW1lcnNlY3JldCZ4PWQ4'; </li></ul><ul><li>$secret = 'ccb100d2ddd70c90e999055311b714db17a35029'; </li></ul><ul><li>$app_id = 'tAPZTc48'; </li></ul><ul><li>require('yosdk/OAuth.php'); </li></ul><ul><li>$consumer = new OAuthConsumer(KEY, SECRET); </li></ul><ul><li>$requestToken = json_decode(file_get_contents('token.txt')); </li></ul><ul><li>$url = 'https://api.login.yahoo.com/oauth/v2/get_token'; </li></ul><ul><li>$request = OAuthRequest::from_consumer_and_token($consumer, $requestToken, 'POST', $url, array()); </li></ul><ul><li>$request->sign_request(new OAuthSignatureMethod_HMAC_SHA1(), $consumer, $requestToken); </li></ul><ul><li>$headers = array( </li></ul><ul><li>&quot;Accept: application/json&quot; </li></ul><ul><li>); </li></ul><ul><li>$ch = curl_init($url); </li></ul><ul><li>$options = array( </li></ul><ul><li>CURLOPT_POST=> true, </li></ul><ul><li>CURLOPT_POSTFIELDS => $request->to_postdata(), </li></ul><ul><li>CURLOPT_RETURNTRANSFER => true </li></ul><ul><li>); </li></ul><ul><li>curl_setopt_array($ch, $options); </li></ul><ul><li>parse_str(curl_exec($ch), $response); </li></ul><ul><li>curl_close($ch); </li></ul>
  57. 58. Fetching the access token without the Yahoo! PHP SDK, part 2 <ul><li>$now = time(); </li></ul><ul><li>$accessToken = new stdclass(); </li></ul><ul><li>$accessToken->key = $response[&quot;oauth_token&quot;]; </li></ul><ul><li>$accessToken->secret = $response[&quot;oauth_token_secret&quot;]; </li></ul><ul><li>$accessToken->guid = $response[&quot;xoauth_yahoo_guid&quot;]; </li></ul><ul><li>$accessToken->consumer = $consumer; </li></ul><ul><li>$accessToken->sessionHandle = $response[&quot;oauth_session_handle&quot;]; </li></ul><ul><li>if(array_key_exists(&quot;oauth_expires_in&quot;, $response)) { </li></ul><ul><li>$accessToken->tokenExpires = $now + $response[&quot;oauth_expires_in&quot;]; </li></ul><ul><li>}else { </li></ul><ul><li>$accessToken->tokenExpires = -1; </li></ul><ul><li>} </li></ul><ul><li>if(array_key_exists(&quot;oauth_authorization_expires_in&quot;, $response)) { </li></ul><ul><li>$accessToken->handleExpires = $now + $response[&quot;oauth_authorization_expires_in&quot;]; </li></ul><ul><li>}else { </li></ul><ul><li>$accessToken->handleExpires = -1; </li></ul><ul><li>} </li></ul><ul><li>file_put_contents('token.txt', json_encode($accessToken)); </li></ul>
  58. 59. Making a signed request to Updates API without the Yahoo! PHP SDK, part 1 <ul><li>$guid = $response[&quot;xoauth_yahoo_guid&quot;]; </li></ul><ul><li>$title = 'Confirmation update';//arbitrary title </li></ul><ul><li>$description = 'The time is now '.date(&quot;g:i a&quot;);//arbitrary desc </li></ul><ul><li>$link = sprintf('http://%s/oauth/', ‘example.erikeldridge.com/oauth’);//arbitrary link </li></ul><ul><li>$source = ’APP.'.$app_id;//note: 'APP.' syntax </li></ul><ul><li>$date = time(); </li></ul><ul><li>$suid = ’update'.time();//arbitrary, unique string </li></ul><ul><li>$body = array( </li></ul><ul><li>&quot;updates&quot; => array( </li></ul><ul><li>array( </li></ul><ul><li>&quot;collectionID&quot; => $guid, </li></ul><ul><li>&quot;collectionType&quot; => &quot;guid&quot;, </li></ul><ul><li>&quot;class&quot; => &quot;app&quot;, </li></ul><ul><li>&quot;source&quot; => $source, </li></ul><ul><li>&quot;type&quot; => 'appActivity', </li></ul><ul><li>&quot;suid&quot; => $suid, </li></ul><ul><li>&quot;title&quot; => $title, </li></ul><ul><li>&quot;description&quot; => $description, </li></ul><ul><li>&quot;link&quot; => $link, </li></ul><ul><li>&quot;pubDate&quot; => (string)$date </li></ul><ul><li>) </li></ul><ul><li>) </li></ul><ul><li>); </li></ul>
  59. 60. Making a signed request to Updates API without the Yahoo! PHP SDK, part 2 <ul><li>$url = sprintf(&quot;http://%s/v1/user/%s/updates/%s/%s&quot;, </li></ul><ul><li>'social.yahooapis.com', </li></ul><ul><li>$guid, </li></ul><ul><li>$source, </li></ul><ul><li>urlencode($suid) </li></ul><ul><li>); </li></ul><ul><li>$request = OAuthRequest::from_consumer_and_token( </li></ul><ul><li>$consumer, </li></ul><ul><li>$accessToken, </li></ul><ul><li>'PUT', </li></ul><ul><li>$url, </li></ul><ul><li>array()); </li></ul><ul><li>$request->sign_request( </li></ul><ul><li>new OAuthSignatureMethod_HMAC_SHA1(), </li></ul><ul><li>$consumer, </li></ul><ul><li>$accessToken </li></ul><ul><li>); </li></ul>
  60. 61. Making a signed request to the Updates API without the Yahoo! PHP SDK, part 3 <ul><li>$headers = array(&quot;Accept: application/json&quot;); </li></ul><ul><li>$headers[] = $request->to_header(); </li></ul><ul><li>$headers[] = &quot;Content-type: application/json&quot;; </li></ul><ul><li>$content = json_encode($body); </li></ul><ul><li>$ch = curl_init($url); </li></ul><ul><li>$options = array( </li></ul><ul><li>CURLOPT_HTTPHEADER => $headers, </li></ul><ul><li>CURLOPT_POSTFIELDS => $content, </li></ul><ul><li>CURLOPT_RETURNTRANSFER => true, </li></ul><ul><li>CURLOPT_CUSTOMREQUEST => 'PUT', </li></ul><ul><li>CURLOPT_TIMEOUT => 3 </li></ul><ul><li>); </li></ul><ul><li>curl_setopt_array($ch, $options); </li></ul><ul><li>$resp = curl_exec($ch); </li></ul><ul><li>curl_close($ch); </li></ul>
  61. 62. Resources <ul><li>Hueniverse’s introduction: http://www.hueniverse.com/hueniverse/2007/10/beginners-guide.html </li></ul><ul><li>Yahoo!’s Oauth documentation: http://developer.yahoo.com/oauth </li></ul><ul><li>Yahoo! PHP and ActionScript SDKs: http://developer.yahoo.com/social/sdk/ </li></ul><ul><li>Google’s OAuth playground: http://googlecodesamples.com/oauth_playground/ </li></ul>
  62. 63. Yahoo! Application Platform
  63. 64. Why is Yahoo! opening up? <ul><li>A history of supporting open technology </li></ul><ul><ul><li>Apache, MySQL, PHP, JavaScript, BSD/Linux, to name a few </li></ul></ul><ul><li>A history of hacking </li></ul><ul><li>Yahoo! wants to share its audience </li></ul>
  64. 65. What is the Yahoo! Application Platform? <ul><li>It’s a way to run apps on Yahoo! </li></ul>
  65. 66. 3 views of YAP: My Y! screenshot
  66. 67. 3 views of YAP: canvas screenshot
  67. 68. 3 views of YAP: y! metro
  68. 69. Yahoo! Application Platform (YAP) <ul><li>Optimized for speed and security (YML, Caja) </li></ul><ul><li>Uses raw Javascript, CSS, and HTML, and Yahoo! Markup Language (YML) </li></ul><ul><li>Supports OpenSocial JavaScript API </li></ul>
  69. 70. How do I use it? <ul><li>YDN key/secret </li></ul><ul><li>+ </li></ul><ul><li>Your server </li></ul><ul><li>+ </li></ul><ul><li>Your code </li></ul><ul><li>= </li></ul><ul><li>Your app on Yahoo! </li></ul>
  70. 71. Example: OpenSocial Activities <ul><li><script> </li></ul><ul><li>var params = {}; </li></ul><ul><li>params[opensocial.Activity.Field.TITLE] = 'title'; </li></ul><ul><li>params[opensocial.Activity.Field.BODY] = 'body'; </li></ul><ul><li>var activity = opensocial.newActivity(params); </li></ul><ul><li>opensocial.requestCreateActivity( </li></ul><ul><li>activity, </li></ul><ul><li>opensocial.CreateActivityPriority.LOW, </li></ul><ul><li>function(){}); </li></ul><ul><li></script> </li></ul>
  71. 72. Example: Screenshot of results
  72. 73. What does YAP do for me? <ul><li>Hundreds of millions of Yahoo! users </li></ul><ul><li>Instant publication </li></ul><ul><li>Secure, Standard JavaScript, HTML, CSS </li></ul><ul><li>OpenSocial JS API </li></ul>
  73. 74. Resources <ul><li>developer.yahoo.com </li></ul><ul><ul><li>/dashboard </li></ul></ul><ul><ul><li>/yap </li></ul></ul><ul><ul><li>/yap/yml </li></ul></ul><ul><ul><li>/social </li></ul></ul><ul><ul><li>/forums </li></ul></ul><ul><li>Caja project </li></ul><ul><li>iframe security </li></ul>
  74. 75. ! תודה Thank you! <ul><li>Find me on slideshare, twitter and github @erikeldridge </li></ul>

×