OAUTHОРИЗАЦИЯ И API СОЦИАЛЬНЫХ СЕТЕЙ Артём Курапов.

Slides:



Advertisements
Similar presentations
Social Media Marketing Presented by Jacob Richman TechShoret Conference, February 26, 2009.
Advertisements

Overview of Twitter API Nathan Liu. Twitter API Essentials Twitter API is a Representational State Transfer(REST) style web services exposed over HTTP(S).
Authentication Simon Cross Partner Engineer facebook.com/sicross An Overview.
The Graph API Simon Cross Partner Engineer facebook.com/sicross An Overview.
Social Channels Cat Lee Program Manager, Developer Relations facebook.com/cat Driving traffic to your app.
OAuth 2.0 By “PJ” (JP on meetup.com) iOS and PHP developer, and occasional lawyer Contact me via:
Using Social Media in Health Promotion Gloria Tsang, RD Founder of HealthCastle.com.
OULU ADVANCED RESEARCH ON SOFTWARE AND INFORMATION SYSTEMS Teppo Räisänen | Oulu University of Applied Sciences Facebook API Teppo Räisänen
Social Media for Late Adopters Brian Jenkins Digital Media Coordinator.
Vocabulary: Shortcuts :)= ………………………………... :(= ………………………………… :o = ………………………………. CU = ………………………………. 4U = ………………………………. 2U = ……………………………... I’m happy I’m.
Facebook Applications Teppo Räisänen. Facebook Applications Facebook provides many Software Development Kits (SDK’s) – PHP SDK – iOS SDK – Android SDK.
Социальный инжиниринг и социальные сети Актуальные угрозы для пользователей социальных сетей.
Учитель математики Кулакова Т.М. МОУ ООШ №15 г.о Новокуйбышевск Самарской области Сентябрь 2011г.
Adjusting your Facebook Privacy Settings Privacy, please!
Erstmedia, , Москва, ул. Профсоюзная, 93А, офис (495) , Стратегия и тактика крупного бренда.
Facedroid Facebook for Android. Facebook Application - API key - Secret key - PHP page Facebook Application - API key - Secret key - PHP page Facebook.
Social Design with Facebook Lessons from Scribd's Integration Matt Riley
WELCOME TO THE AHIA CONNECTED COMMUNITY! HEALTHCARE INTERNAL AUDIT'S PROFESSIONAL THOUGHT LEADERSHIP COMMUNITY.
Getting Started (The Basics) Copyright 2012 Peoplemovers.com, All rights reserved.
Presented by NYSFAAA’s Technology & Innovation Committee New York State Financial Aid Administrators Association, Inc.1.
Social Media Apps Programming Min-Yuh Day, Ph.D. Assistant Professor Department of Information Management Tamkang University
Creating an Online Professional Presence Using Social Media.
SOCIAL NETWORKS AND THEIR IMPACTS ON BRANDS Edwin Dionel Molina Vásquez.
BUILDING A FACEBOOK APP. STEP 1 Create a Developers License. Make sure to take note/record the app id/key.
How To Manage Your Social Media Presence in Just 10 Minutes A Day! And be more popular than the local news guy!
Social Media Insights Emily Kellagher. Social Media Expert? Emily Kellagher.
FACEBOOK MARKETING FOR BUSINESS. Facebook Optimize Facebook Page Build Audience Setup Facebook Advertisement Facebook Page Insight.
FaceBook and Your Business Women in Technology in Nigeria Presented by Mrs M.O Alade Women in Technology in Nigeria
Why I LIKE the Facebook Database… Sharon Viente May 2010.
Mark Phillip markphillip.com The New Facebook: More than just a redesign.
Facebook 101: What Dance Studio Owners Need To Know Presented By: Jill Tirone facebook.com/dancefitmarketing
Social Media Apps Programming Min-Yuh Day, Ph.D. Assistant Professor Department of Information Management Tamkang University
The New SIMnet.org with Social Networking User Orientation Notes June 21,
American Chemical Society Mark Carpenter ACS Leadership Conference January 21, 2011 Social Networking for Technical Divisions.
Facebook for Business Greg Clement and Rick Scheeser.
Insights from Pubcon. Facebook Our clients competing with friends, family, and other pages on Facebook.
Photo Album by User
Facebook Query Language Dr.Kwanchai Eurviriyanukul February 2011 RMUTL.
 Facebook Integration on iOS Phan Thanh Phat Huynh Thanh Van.
Training course “Stay Tuned Online” Djakovo, Croatia of September 2015 #StayTunedOnline
Social Media and Your Career How to use social media to land your next job Confidential -- Copyright Web Developers of New York All Rights Reserved.
Facebook API Kelly Orser. Client Libraries Client libraries will simplify the calls to the platform by reducing the amount of code you have to write.
Erin Winter March 25 th, 2009 Mr. Tieri.  Talk to friends, family, co-workers etc.  Share pictures  Meet new people & Connect with old friends  Send.
Social networks: facebook lianne lindeke charlie mayfield january 25, 2012 uwsmc.
Social Media 101 Brindey Weber January 29, What We’ll Learn What is Social Media? Twitter Facebook LinkedIn Blogs Where you fit in.
Public Communication Staying connected to Kitsap County.
Security Considerations
Lab #3: Programming Exercises for Social Web APIs By J. H. Wang Dec. 26, 2011.
Dominique Renault. > Groups Groups - A group can be set up by any user and can be set to private. These are generally used by smaller groups of people.
Social Media Apps Programming Min-Yuh Day, Ph.D. Assistant Professor Department of Information Management Tamkang University
Presented by: Empower Your Business Using Social Media.
Matt Bostrom, APCO Worldwide THE SIX ONLINE REPUTATIONAL DRIVERS.
Virtual techdays INDIA │ November 2010 Integrating Social Networks with ASP.NET Krishna Chaitanya T │ Future Web Research Lab, SETLabs, Infosys WE.
Bilal Orhan Enrique G. Ortiz.  Friend mapping for the masses  Easy to use Facebook App to view friends’ current location on a map.
By Samantha Kozar.  What are social networks?  What is Facebook?  What is Gowalla?  What are the capabilities of these sites?  Privacy Settings 
EXTENDING YOUR REACH WITH SOCIAL MEDIA RPIC Zone 24E PDG Tanya Wolff #Rotary.
LITA & Social Media: Using Social Software to Connect with Members Task: Determine the appropriate "social software" functionality to deploy to meet the.
HFMA Chapter Toolkit Aligned with the Early Careerist Task Force Related Toolkits Social Media Overview Social Media LinkedIn Groups Social Media Twitter.
(Part 2). From Part 1 We …  Signed up to be facebook developers Verified our facebook account. Added facebook developer app.  Setup a Heroku facebook.
Getting the Word Out Presenter’s Name(s).
Social Media Dominique Renault.
Social Networks Integration in Android
Yahoo! Social APIs Sophie Major Nagesh Susarla
Facebook Support Number | Solve All Problems
GOOGLE + Google+ (pronounced Google plus) is a Google social networking project. It lunched in June 2011 and there are more than 212 million active users.
online newspaper’s journalists

Facebook Group Page Parent Agreement
WHAT IS THE DIFFERENCE BETWEEN THE FACEBOOK NEWSFEED AND THE TIMELINE
Presentation transcript:

OAUTHОРИЗАЦИЯ И API СОЦИАЛЬНЫХ СЕТЕЙ Артём Курапов

Пузомерки Facebook – 500 млн (апрель 2010) Twitter – 145 млн (апрель 2010) Вконтакте – 91 млн (октябрь 2010) Linkedin – 75 млн (ноябрь 2010) Одноклассники – 45 млн (февраль 2010)

От перехвата паролей и.. RSS?

Решение – временные пароли Свет мой, зеркальце! скажи Ищем всех румяных, милых и белых Да, разрешаю

Introducing.. Их две версии и разными фичами Oauth 1.0 reference (RFC5849) Google, Yahoo, Яндекс тоже в теме Перед употреблением прочитать показания на упаковке или посоветоваться с аптекарем

Форма следует за содержанием Абстрактная мысль №1 этого доклада

Twitter OAuth 1.0 → → Redirect.php Consumer key + secret Access key + secret SHA1 + Base64

Twitter — API объекты Statuses, Direct messages Users, Friends, Followers Lists, Subscribers Friendships Geo places Trends

Twitter : новое приложение

Схема Oauth

Twitter - Псевдокод require_once('twitteroauth/twitteroauth.php'); require_once('twitter_oauth/config.php'); $connection = new TwitterOAuth( $aSyncAccount[‘consumer_key'], $aSyncAccount[‘consumer_secret'], $aSyncAccount[‘access_key'], $aSyncAccount[‘access_secret']); $user = $connection->get('account/verify_credentials'); $arrPosts = $connection->get('statuses/user_timeline');

Twitter - впечатления Баг длиной ID в php (E14) Plaintext (в последний раз как я заглядывал)

Вопросы? (Про twitter)

Один из семи инструментов пропаганды Абстрактная мысль №2 этого доклада

Facebook – объекты User (*), Page (*) Status Post Note Photo Video Link Album (Photos, Picture) Event (Feed, Users, Picture) Group (Feed, Members, Picture) Application Subscription Insights Checkin → Comments Likes ← Friends

Facebook – новое приложение Получаем Consumer key (App ID + secret)

Facebook + серверное приложение Oauth 2.0 без подписей, но на SSL Перенаправляем с client_id, redirect_uri, scope = offline_access Пользователь подтверждает привилегии Возвращается с code параметром, обмениваем на access_key |ad22e11d67b e26da |D8PoAPDdvv8onIAf_CasljjK7Pk

Привилегии

Facebook - Псевдокод if(!$token){ if($_REQUEST['code']){ $token = file_get_contents( ' nt_secret='.CONSUMER_SECRET.'&code='.$_REQUEST['code'].'&redirect_uri='.CONSUM ER_URL); } else header('Location: fline_access,create_event,publish_stream,user_events&redirect_uri='.CONSUMER_U RL); } Дальше можно использовать GraphAPI через PHP SDK или просто читать JSON

Facebook + Javascript “GraphAPI” Javascript c FB глобальным объектом FB.init() FB.login() + FB.logout() FB.getLoginStatus() FB.api()

Facebook — впечатления Пароли временные Нельзя прочитать друзей X пользователя без разрешения даже если пользователь разрешил видеть всем #604 error: Сan't lookup all friends of XXXXXX. Can only lookup for the logged in user (XXXXXX), or friends of the logged in user with the appropriate permission

Вопросы? (Про facebook)

У каждой веры своё отношение к клонам Абстрактная мысль №3 этого доклада

Вконтакте - объекты Friends Wall Photos Audio, Video Places Offers Questions Notes Pages

Вконтакте Новый «OpenAPI» (3.0), Iframe плюшки Javascript с глобальным VK объектом Авторизация на MD5 подписях для PHP/ActionScript

Вконтакте - псевдокод // старый по логин-паролю $vkontakte = new vkuserapi ($aSyncAccount['login'], $aSyncAccount[‘password']); $vkontakte->call ('set_activity',array('ts'=>time(),'text'=> $strMessage)); // новая через ID приложения $VK = new vkapi($api_id, $secret_key); $resp = $VK->api('getProfiles', array('uids'=>'1, 2'));

LinkedIN – объекты Person (Company, Education, Recommendation, Position) Connection Share Invitation

LinkedIN OAuth 1.0 Можно убить access token Из объектов API – нет полноценных «компаний» но есть школы Есть JS Api как у Facebook + iframe плюшки

LinkedIN – псевдокод c PEAR require_once 'HTTP/OAuth.php‘; require_once 'HTTP/OAuth/Consumer/Request.php'; require_once 'HTTP/Request2.php‘; require_once 'HTTP/OAuth/Consumer.php'; $oRequest = new HTTP_Request2; $oRequest->setHeader('Accept-Encoding', '.*'); $oRequest->setConfig('ssl_verify_peer', false); $oRequest->setConfig('ssl_verify_host', false); $oAuthRequest = new HTTP_OAuth_Consumer_Request; $oAuthRequest->accept($oRequest); $oConsumer = new HTTP_OAuth_Consumer( $aSyncAccount['consumer_key'], $aSyncAccount['consumer_secret'], $aSyncAccount['access_token'], $aSyncAccount['access_token_secret'] ); $oConsumer->accept($oAuthRequest); $oResponse = $consumer->sendRequest(' search:(people:(id,first-name,last-name,headline,location,industry,distance,public-profile- url,picture-url,positions,educations),num-results)?keywords='. rawurlencode('Артём Курапов'), array(), 'GET'); $oXml = simplexml_load_string($oResponse->getBody());

Одноклассники - объекты Users, Friends Photos Events Messages

Одноклассники API появилась ~ в октябре 2010 ActionScript, JavaScript, REST API SSL auth.login + auth.loginByToken – цель не уловил

Fin — а что такое OpenSocial?