Versions Compared

Old Version 2

changes.mady.by.user Jonathan Beri

Saved on

compared with

New Version Current

changes.mady.by.user Jonathan Beri

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 5.3

...

Sometimes

...

OpenSocial

...

gadgets

...

need

...

to

...

work

...

with

...

data

...

located

...

on

...

remote

...

servers,

...

but

...

cannot

...

make

...

AJAX

...

requests

...

due

...

to

...

cross-browser

...

limitations.

...

Fortunately,

...

the

...

OpenSocial

...

APIs

...

provide

...

functions

...

to

...

send

...

HTTP

...

requests

...

to

...

remote

...

servers.

...

Your

...

OpenSocial

...

applications

...

are

...

able

...

to:

...

  • Securely

...

  • transmit

...

  • unique

...

  • identifiers

...

  • for

...

  • the

...

  • owner

...

  • and

...

  • viewer

...

  • using

...

  • request

...

  • signing

...

  • .

...

  • Make

...

  • HTTP

...

  • requests

...

  • from

...

  • a

...

  • gadget

...

  • to

...

  • a

...

  • remote

...

  • server

...

  • using

...

  • osapi.http

...

  • .

...

  • Request

...

  • social

...

  • information

...

  • to

...

  • be

...

  • sent

...

  • from

...

  • the

...

  • container

...

  • to

...

  • a

...

  • server

...

  • using

...

  • Data

...

  • Pipelining

...

  • .

...

  • Render

...

  • a

...

  • web

...

  • page

...

  • from

...

  • a

...

  • server

...

  • as

...

  • a

...

  • gadget

...

  • view

...

  • using

...

  • Proxied

...

  • Content

...

  • .

...

Request

...

Signing

...

When

...

sending

...

data

...

from

...

a

...

gadget

...

to

...

a

...

remote

...

server

...

that

...

contains

...

important

...

information

...

such

...

as

...

user

...

ID

...

numbers

...

and

...

profile

...

data,

...

it

...

is

...

important

...

for

...

the

...

remote

...

server

...

to

...

know

...

that

...

the

...

data

...

request

...

has

...

not

...

been

...

modified

...

in

...

any

...

way

...

by

...

a

...

malicious

...

party.

...

OpenSocial

...

uses

...

request

...

signing

...

to

...

protect

...

against

...

such

...

tampering.

...

To

...

be

...

secure,

...

your

...

application

...

must

...

only

...

transmit

...

the

...

value

...

of

...

the

...

current

...

owner

...

or

...

viewer's

...

OpenSocial

...

ID

...

numbers

...

using

...

signed

...

requests.

...

If

...

you

...

are

...

not

...

familiar

...

with

...

the

...

concept

...

of

...

request

...

signing,

...

please

...

read

...

the

...

Introduction

...

To

...

Signed

...

Requests

...

article.

...

JavaScript

...

HTTP

...

requests

...

You

...

can

...

generate

...

HTTP

...

requests

...

from

...

within

...

gadgets

...

to

...

fetch

...

remote

...

data.

...

Which

...

method

...

you

...

use

...

to

...

make

...

these

...

requests

...

depends

...

on

...

the

...

version

...

of

...

OpenSocial

...

you

...

are

...

developing

...

for:

...

osapi.http

...

(OpenSocial

...

versions

...

0.9+)

...

OpenSocial

...

0.9

...

introduced

...

the

...

simpler

...

osapi.http

...

JavaScript

...

library.

...

An

...

example

...

of

...

making

...

a

...

signed

...

osapi.http

...

request

...

to

...

fetch

...

JSON

...

data

...

is

...

below:

...

Code Block
javascript
javascript
osapi.http.get({
    'href' : 'http://www.example.com',
    'format' : 'json',
    'authz' : 'signed'
}).execute(callback);
{code}

Please

...

see

...

the

...

osapi.http

...

documentation

...

for

...

more

...

examples.

...

gadgets.io.makeRequest

...

An

...

example

...

of

...

a

...

signed

...

makeRequest

...

call

...

to

...

fetch

...

JSON

...

data

...

is

...

below:

...

Code Block
javascript
javascript
var params = {};
params[gadgets.io.RequestParameters.CONTENT_TYPE] = gadgets.io.ContentType.JSON;
params[gadgets.io.RequestParameters.AUTHORIZATION] = gadgets.io.AuthorizationType.SIGNED;
gadgets.io.makeRequest("http://www.example.com", callback, params);
{code}

Please

...

see

...

the

...

gadgets.io.makeRequest

...

documentation

...

for

...

more

...

examples.

...

Preloading

...

data

...

Applications

...

which

...

need

...

to

...

access

...

remote

...

content

...

for

...

each

...

render

...

can

...

improve

...

their

...

performance

...

dramatically

...

by

...

preloading

...

this

...

data.

...

A

...

preload

...

is

...

executed

...

at

...

the

...

same

...

time

...

that

...

the

...

gadget

...

is

...

rendered,

...

so

...

it

...

effectively

...

saves

...

a

...

whole

...

round

...

trip

...

from

...

the

...

user

...

of

...

your

...

application

...

to

...

the

...

container

...

where

...

your

...

app

...

is

...

running.

...

Preloads

...

are

...

also

...

fetched

...

when

...

the

...

app

...

is

...

initially

...

fetched,

...

so

...

you

...

don't

...

have

...

to

...

wait

...

for

...

an onload event to fire before requesting remote data.

If you have a request that looks like the following:

<source lang="javascript">

...


osapi.http.get(

...

{'href'

...

:

...

'http://www.example.com'

...

}).execute(callback)

...


</source>

...

You

...

can

...

preload

...

the

...

content

...

at

...

http://www.example.com

...

by

...

adding

...

a

...

<Preload>

...

tag

...

to

...

your

...

<ModulePrefs>

...

section:

...

Code Block
xml
xml
<ModulePrefs title="Preloads">
 <Require feature="opensocial-0.9" />
 <Preload href="http://www.example.com" />
</ModulePrefs>
{code}

When

...

your

...

application

...

executes

...

the

...

osapi.http

...

call,

...

this

...

content

...

will

...

be

...

returned

...

instantly,

...

without

...

needing

...

to

...

hit

...

your

...

server

...

again.

...

Preloaded

...

requests

...

can

...

also

...

be

...

signed

...

if

...

you

...

need,

...

by

...

adding

...

the

...

optional

...

authz

...

attribute

...

to

...

your

...

Preload

...

section:

...

Code Block
xml
xml
<ModulePrefs title="Preloads">
  <Require feature="opensocial-0.9" />
  <Preload href="http://www.example.com" authz="signed" />
</ModulePrefs>
{code}

There

...

are

...

a

...

few

...

more

...

optimizations

...

you

...

can

...

use

...

to

...

make

...

preloads

...

work

...

even

...

better:

...

  1. Turn

...

  1. off

...

  1. sending

...

  1. the

...

  1. viewer

...

  1. in

...

  1. signed

...

  1. requests.

...

  1. If

...

  1. you

...

  1. don't

...

  1. need

...

  1. the

...

  1. VIEWER

...

  1. ID

...

  1. for

...

  1. your

...

  1. signed

...

  1. request,

...

  1. disable

...

  1. it

...

  1. by

...

  1. adding

...

  1. sign_viewer="false"

...

  1. to

...

  1. your

...

  1. <Preload>

...

  1. tag.

...

  1. This

...

  1. will

...

  1. allow

...

  1. the

...

  1. container

...

  1. to

...

  1. cache

...

  1. your

...

  1. request

...

  1. for

...

  1. a

...

  1. lot

...

  1. more

...

  1. requests.

...

  1. This

...

  1. is

...

  1. a

...

  1. critical

...

  1. improvement

...

  1. for

...

  1. profile

...

  1. pages!

...

  2. You

...

  1. may

...

  1. disable

...

  1. sending

...

  1. the

...

  1. OWNER

...

  1. ID

...

  1. in

...

  1. signed

...

  1. preloads

...

  1. by

...

  1. adding

...

  1. sign_owner="false"

...

  1. .

...

  2. Use

...

  1. multiple

...

  1. <Preload>

...

  1. tags

...

  1. if

...

  1. you

...

  1. have

...

  1. more

...

  1. than

...

  1. one

...

  1. request.

...

  1. You're

...

  1. not

...

  1. limited

...

  1. to

...

  1. one

...

  1. <Preload>

...

  1. tag,

...

  1. so

...

  1. preload

...

  1. whatever

...

  1. you

...

  1. can.

...

  2. Restrict

...

  1. preloads

...

  1. to

...

  1. the

...

  1. correct

...

  1. view.

...

  1. If

...

  1. you

...

  1. only

...

  1. use

...

  1. a

...

  1. certain

...

  1. request

...

  1. in

...

  1. a

...

  1. specific

...

  1. view,

...

  1. restrict

...

  1. the

...

  1. preload

...

  1. to

...

  1. that

...

  1. view

...

  1. by

...

  1. adding

...

  1. a

...

  1. views

...

  1. attribute

...

  1. to

...

  1. your

...

  1. <Preload>

...

  1. tag.

...

  1. For

...

  1. example,

...

  1. to

...

  1. restrict

...

  1. a

...

  1. preload

...

  1. to

...

  1. the

...

  1. canvas

...

  1. view,

...

  1. add

...

  1. views="canvas"

...

  1. to

...

  1. your

...

  1. <Preload>

...

  1. tag.

...

  1. You

...

  1. can

...

  1. also

...

  1. specify

...

  1. multiple

...

  1. comma

...

  1. separated

...

  1. views,

...

  1. like

...

  1. views="canvas,profile"

...

  1. .

...

The

...

following

...

example

...

makes

...

three

...

preloaded

...

requests:

...

  1. The

...

  1. request

...

  1. to

...

  1. http://www.example.com/owner_data.json

...

  1. is

...

  1. signed

...

  1. with

...

  1. only

...

  1. the

...

  1. owner's

...

  1. ID

...

  1. number.

...

  2. The

...

  1. request

...

  1. to

...

  1. http://www.example.com/global_view_data.json

...

  1. is

...

  1. a

...

  1. regular

...

  1. HTTP

...

  1. GET

...

  1. request

...

  1. and

...

  1. preloaded

...

  1. for

...

  1. all

...

  1. views.

...

  2. The

...

  1. request

...

  1. to

...

  1. http://www.example.com/profile_view_data.json

...

  1. is

...

  1. a

...

  1. regular

...

  1. HTTP

...

  1. GET

...

  1. request,

...

  1. and

...

  1. is

...

  1. only

...

  1. made

...

  1. for

...

  1. profile

...

  1. and

...

  1. home

...

  1. views.

...

Code Block
xml
xml
<ModulePrefs title="Preloads">
  <Require feature="opensocial-0.9" />
  <Require feature="views" />
  <Preload href="http://www.example.com/owner_data.json" authz="signed" sign_viewer="false" />
  <Preload href="http://www.example.com/global_view_data.json"  />
  <Preload href="http://www.example.com/profile_view_data.json" views="profile,home" />
</ModulePrefs>
{code}

Please

...

see

...

the

...

Gadgets

...

XML

...

Reference

...

for

...

more

...

information.

...

Proxied Content

Proxied content lets you use the HTML markup from a remote web page and use it as the content for one of your application views. This lets you do most of your gadget development on a remote server, instead of in a gadget XML file.

The following example uses the content at http://www.example.

...

com<}e}

...

for

...

the

...

{{canvas

...

view:

...

Code Block
xml
xml
<?xml version="1.0" encoding="UTF-8"?>
<Module>
  <ModulePrefs title="Proxied Content">
    <Require feature="opensocial-0.9" />
  </ModulePrefs>
  <Content href="http://www.example.com" view="canvas">
  </Content>
</Module>
{code}

For

...

more

...

information,

...

see

...

the /wiki/spaces/a/pages/527072 documentation.

Data Pipelining

Data Pipelining defines a way to declare social and remote data requests in gadget XML markup. Using Data Pipelining, an application author can:

  • Retrieve an HTTP URL and access the response in a gadget, through JavaScript or OpenSocial templates.
  • Send social data to a remote server and use the server's response as a gadget view.

Retrieving data using Data Pipelining

Gadget authors can use Proxied Content to specify data to be fetched when the gadget is rendered using the os:HttpRequest tag. The remote content is made available in the current gadget's OpenSocial data context.

The following example demonstrates fetching text content from www.example.com and accessing it from both JavaScript and OpenSocial templates:

Code Block
xml
xml
<?xml version="1.0" encoding="UTF-8"?>
<Module>
  <ModulePrefs title="Data Pipelining - httprequest">
    <Require feature="opensocial-0.9" />
    <Require feature="opensocial-data"/>
    <Require feature="opensocial-templates" />
  </ModulePrefs>
  <Content type="html">
    <![CDATA[ 
      <script type="text/os-data" xmlns:os="http://ns.opensocial.org/2008/markup" >
        <os:HttpRequest key="exampledata" href="http://www.example.com" format="text"/>
      </script>
      <script type="text/javascript">
        var exampledata = opensocial.data.getDataContext().getDataSet('exampledata');
        alert('Got: ' + exampledata.content);
      </script>
      <script type="text/os-template" 
            xmlns:os="http://ns.opensocial.org/2008/markup" 
            xmlns:osx="http://ns.opensocial.org/2009/extensions" 
            require="exampledata">
        Got ${exampledata.content\}
      </script>
    ]]>
  </Content>
</Module>
{code}

For

...

more

...

information,

...

see

...

the /wiki/spaces/a/pages/526835 documentation.

Sending data using Data Pipelining and Proxied Content

While a:request signing can be used to pass an owner or viewer's ID to a remote server using a:JavaScript HTTP requests, your application may wish to transmit additional information, such as friends lists or profile data. Using Proxied Content and Data Pipelining enables this functionality. The following gadget makes a Data Pipelining call to http://www.example.com

...

,

...

sending

...

the

...

current

...

viewer

...

and

...

viewer's

...

friends:

...

Code Block
xml
xml
<?xml version="1.0" encoding="UTF-8"?>
<Module xmlns:os="http://ns.opensocial.org/2008/markup">
  <ModulePrefs title="Data Pipelining and Proxied Content">
    <Require feature="opensocial-0.9" />
    <Require feature="opensocial-data"/>
  </ModulePrefs>
  <Content href="http://www.example.com" authz="signed" sign_viewer="true">
    <os:PeopleRequest key="viewer_friends" userId="@viewer" groupId="@friends" count="2"/>
    <os:ViewerRequest key="viewer" />
  </Content>
</Module>
{code}

The

...

server-side

...

code

...

at

...

http://www.example.com

...

gets

...

a

...

signed

...

POST

...

request,

...

with

...

the

...

following

...

JSON-encoded

...

POST

...

body:

...

{
Code Block
[
{panel}
  { 
    "id" : "viewer",
    "data" : {
      "id" : "1111111111",
      "isViewer" : true,
      "name" : {
        "familyName" : "Testington",
        "givenName" : "Alice"
      },
      "thumbnailUrl" : "http://www.someexamplesocialnetwork.com/img/1111111111.png",
      "isOwner" : true 
    }
  },
  { 
    "id" : "viewer_friends",
    "data" : {
      "startIndex" : 0,
      "totalResults" : 65,
      "list" : [
        { 
          "id" : "2222222222",
          "isViewer" : false,
          "name" : {
            "familyName" : "Testington",
            "givenName" : "Bob"
          },
          "thumbnailUrl" : "http://www.someexamplesocialnetwork.com/img/2222222222.png",
          "isOwner" : false 
        },
        { 
          "id" : "3333333333",
          "isViewer" : false,
          "name" : {
            "familyName" : "Testington",
            "givenName" : "Claire"
          },
          "thumbnailUrl" : "http://www.someexamplesocialnetwork.com/img/3333333333.png",
          "isOwner" : false 
        }
      ]
    }
  }

]
{code}

By

...

processing

...

the

...

POST

...

body,

...

the

...

server

...

can

...

render

...

a

...

viewer-specific

...

application

...

view

...

containing

...

social

...

data.

...

For

...

more

...

information,

...

see

...

the /wiki/spaces/a/pages/526835 documentation.