引用说明:原文来自于http://djb4ke.iteye.com/blog/654426,为了方便本人阅读,文本格式略有调整。
Apache Shindig homepage
http://shindig.apache.org
实验0:Shindig初体验
部署应用:
1:下载最新的war包
http://shindig.apache.org/download/index.html
(目前版本http://repo2.maven.org/maven2/org/apache/shindig/shindig-server/1.1-BETA5-incubating/shindig-server-1.1-BETA5-incubating.war)
2:将war包copy到 $TOMCAT_HOME/webapps下
3:修改$TOMCAT_HOME/conf下的server.xml文件
将应用部署为tomcat根目录,http://localhost:8080/
(此步骤必须做,因为Shindig调用一些内部的 API,URL都是访问域的根目录):
找到<HOST/>节点,添加<Context docBase="shindig-server-1.1-BETA5-incubating" path="" workDir="work\Catalina\localhost\shindig-server-1.1-BETA5-incubating" reloadable="true"/>
4:启动tomcat后,打开浏览器测试一下:http://localhost:8080/gadgets/ifr?url=http://www.labpixies.com/campaigns/todo/todo.xml
效果如下:
5:有了gadget容器,我们可以尝试着render各种gadget
下面的网址是个gadget的目录,view details后copy gadget的xml源代码附加到http://localhost:8080/gadgets/ifr?url=后面。
http://directory.opensocial.org/gadgets/directory?synd=cad
这里贴几个我试验过的gadget:
http://www.labpixies.com/campaigns/sudoku/sudoku.xml&source=lpep
http://graargh.returnstrue.com/lane/opensocial/v09/mashup/gifts.xml
http://hosting.gmodules.com/ig/gadgets/file/100080069921643878012/myspace.xml
http://warmbrain.com/gadgets/flickr.xml
实验1:下载最新的Build包进行编译运行调试
参照官网build新包和设置了Eclipse编译环境
http://shindig.apache.org/developers/java/build.html
我的编译环境,可以参考一下:
Apache Maven 2.2.1 (r801777; 2009-08-07 03:16:01+0800)
Java version: 1.6.0_17
Java home: C:\Program Files\Java\jdk1.6.0_17\jre
Default locale: zh_CN, platform encoding: GBK
OS name: "windows 7" version: "6.1" arch: "x86" Family: "windows"
编译源代码:mvn
Maven 因为deprecation警告编译出错
在pom.xml文件的properties元素下面添加该元素
<maven.compile.deprecation>off</maven.compile.deprecation>
打开Jetty的Debug端口
在环境变量设置mvn参数:MAVEN_OPTS:-Xdebug -Xnoagent -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,address=8000,server=y,suspend=n
简单介绍:这里打开的debug端口是8000,suspend为no时,除非debug断点中断,如果没有调试器设置断点,server运行与普通运行时一样
※关于maven参数的ref:https://cwiki.apache.org/WICKET/maven-jetty-plugin.html
运行Jetty服务器 : mvn -Prun
http://localhost:8080/gadgets/ifr?url=http://graargh.returnstrue.com/lane/opensocial/v09/mashup/gifts.xml
http://oauth.googlecode.com/svn/spec/ext/consumer_request/1.0/drafts/1/spec.html
Container:
http://localhost:8080/samplecontainer/samplecontainer.html
OpenSocial Dev App (hyves):
http://osda.appspot.com/gadget/osda-hyves.xml
Google calendar
http://www.google.com/ig/modules/calendar3.xml
http://localhost:8080/gadgets/ifr?url=http://www.google.com/ig/modules/calendar3.xml
http://localhost:8080/gadgets/ifr?url=http://www.gadgets.bashennekam.nl/calendar/google_gadget_calendar.xml
中国Containter List
http://wiki.opensocial.org/index.php?title=Resources_for_migration_to_Chinese_containers
Social Site
http://incubator.apache.org/projects/socialsite.html
两篇很有价值的问题,探讨Opensocial结合OAuth的应用:
这个应用很独特,在Social Network中,比如Facebook,添加一个Gadget后(假设javaeye支持),可以在facebook中通过这个Gadget可以得到javaeye blog的Data,可以发文章到javaeye。
http://rollerweblogger.org/roller/entry/oauth_everywhere
http://rollerweblogger.org/roller/entry/oauth_everywhere_continued
需要关注的web应用
http://www.orkut.com
http://www.ning.com
Enable OAuth in Shindig
https://cwiki.apache.org/confluence/display/SHINDIG/Enabling+OAuth+support
实验:在Shindig上跑OAuth,Gadget访问Shindig
为了跑完整的OAuth流程,我们需要在Server端保存gadget的key和secret
打开文件 %SHINDIG_ROOT%/target/work/webapp/WEB-INF/classes/config/oauth.json
这个文件就是OAuth的配置文件,因为我们要run的是Shindig默认的OAuth例子,所以这里已经定义好了,如果以后要自己要添加在,仿照着加进去即可。
shindigoauth config in OAuth.json
"http://localhost:8080/samplecontainer/examples/shindigoauth.xml" : {
"shindig" : {
"consumer_key" : "http://localhost:8080/samplecontainer/examples/shindigoauth.xml",
"consumer_secret" : "secret",
"key_type" : "HMAC_SYMMETRIC"
}
}
同时,我们还需要生成server端自己的key:
Step1:到链接处下载Openssl,http://www.slproweb.com/products/Win32OpenSSL.html
Step2:用下面两个命令可以生成key
openssl req -newkey rsa:1024 -days 365 -nodes -x509 -keyout testkey.pem -out testkey.pem -subj '/CN=mytestkey'
openssl pkcs8 -in testkey.pem -out oauthkey.pem -topk8 -nocrypt -outform PEM
示例-在我的环境下生成key的情形
C:\OpenSSL\bin>openssl req -newkey rsa:1024 -days 365 -nodes -x509 -keyout testk
ey.pem -out testkey.pem -subj '/CN=mytestkey'
Loading 'screen' into random state - done
Generating a 1024 bit RSA private key
.....++++++
........................++++++
writing new private key to 'testkey.pem'
-----
Subject does not start with '/'.
problems making Certificate Request
C:\OpenSSL\bin>openssl pkcs8 -in testkey.pem -out oauthkey.pem -topk8 -nocrypt -
outform PEM
Step3:编辑SHINDIG_ROOT/java/conf/shindig.properties文件
为shindig.signing.key-name和shindig.signing.key-file属性赋值
shindig.signing.key-file是你存放oauthkey.pem的位置。
shindig.properties
.......
### Outbound OAuth support
shindig.signing.state-key=
shindig.signing.key-name=mykey
shindig.signing.key-file=C://OpenSSL//bin//oauthkey.pem
shindig.signing.global-callback-url=http://localhost:8080/gadgets/oauthcallback
shindig.signing.enable-signed-callbacks=true
........
保存后需要重新编译shindig,比较清爽的做法:
step1 : mvn clean
step2 : mvn(或者可以忽略test,用mvn -Dmaven.test.skip=true)
编译完成后启动Shindig
mvn -Prun
oauth.xml
打开浏览器:
进入Shindig默认测试container:http://localhost:8080/samplecontainer/samplecontainer.html
在Displaying gadget输入: http://localhost:8080/samplecontainer/examples/shindigoauth.xml
点击reset all后会render出gadget。
点击Button后会进行Oauth的flow.
问题:Gadget的OAuth参数实在何处保存的:
从表面来看,这仿佛是gadget和SHINDIG两者间的交互。
但是如果稍微深入想想,Gadget被Render出来后只是HTML,不通过server,怎么能发出OAuth这么复杂的request呢,而request当然也不可能是被Gadget正在访问的服务发的(自己验证自己多没意义╮(╯_╰)╭)。那这到底是怎么做的呢?
所以提出这个问题的原因是,如果没仔细看过spec,如果也没觉得费解,就会产生两者在交互的误解。
而且此时的环境是我单独运行的Shindig,用的gadget也是shindig自带的,似乎一切都在shindig中完成,并没有OAuth中consumer和service provider的概念,如果不把Gadget当做cousumer,就更加费解了..
为了说明这个问题,首先引入Shindig OAuth的Flow
0.297sec Gadget向代理发出的请求 写道
POST /gadgets/makeRequest HTTP/1.1
Host: 127.0.0.1:8080
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/533.1 (KHTML, like Gecko) Chrome/5.0.335.1 Safari/533.1
Referer: http://127.0.0.1:8080/gadgets/ifr?container=default&mid=0&nocache=0&country=ALL&lang=ALL&view=default&parent=http%3A%2F%2Flocalhost%3A8080&st=john.doe%3Ajohn.doe%3A6114%3Ashindig%3Ahttp%253A//localhost%253A8080/samplecontainer/examples/shindigoauth.xml%3A0%3Adefault&url=http%3A%2F%2Flocalhost%3A8080%2Fsamplecontainer%2Fexamples%2Fshindigoauth.xml
Content-Length: 521
Origin: http://127.0.0.1:8080
Content-Type: application/x-www-form-urlencoded
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: zh-CN,zh;q=0.8
Accept-Charset: GBK,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=96992031.1272262237.1.1.utmcsr=localhost:8080|utmccn=(referral)|utmcmd=referral|utmcct=/samplecontainer/samplecontainer.html; __utma=96992031.311100061.1272262237.1272262237.1272262237.1; __utmv=96992031.container%2Fshindig
POST Data:
url http://localhost:8080/social/rest/people/@me/@self
st john.doe:john.doe:6114:shindig:http%3A//localhost%3A8080/samplecontainer/examples/shindigoauth.xml:0:default
signViewer true
signOwner true
postData
OAUTH_SERVICE_NAME shindig
oauthState
numEntries 3
httpMethod GET
headers
getSummaries false
getFullHeaders false
gadget http://localhost:8080/samplecontainer/examples/shindigoauth.xml
contentType TEXT
container default
bypassSpecCache 0
authz oauth
0.312sec 服务器发出的请求
GET /oauth/requestToken HTTP/1.1
Authorization: OAuth oauth_callback="http://localhost:8080/gadgets/oauthcallback?cs=DrcUT0ehRxQ0NOrOWaX1W8R5FTVx1nhYmIPjbsVN8rqayhBlVACrTEzM%2F31RZAhsgHGjulkPfcEeC5ohKK%2BFRJseFhIWoNm5RLO%2FS524PnbPzgEswAITYX0dGHAAL8D5hNAVfpyjCuwN%2BK2F3MwddjBjRbI%3D",
opensocial_owner_id="john.doe",
opensocial_viewer_id="john.doe",
opensocial_app_id="6114", opensocial_app_url="http://localhost:8080/samplecontainer/examples/shindigoauth.xml",
oauth_version="1.0",
oauth_timestamp="1272366999",
oauth_consumer_key="http://localhost:8080/samplecontainer/examples/shindigoauth.xml",
oauth_signature_method="HMAC-SHA1",
oauth_nonce="97398594831985",
oauth_signature="/TMZ0kErj5W0v1YzuieRxzN3rdE="
X-shindig-dos: on
Host: localhost:8080
Connection: Keep-Alive
User-Agent: Apache Shindig
返回的响应
HTTP/1.1 200 OK
Content-Type: text/plain
Expires: Tue, 27 Apr 2010 11:16:39 GMT
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 134
Server: Jetty(6.1.22)
oauth_token=b57e1ba2-9eb7-49aa-8a44-89ccf4d6cace&oauth_token_secret=f615ed6a-2fc3-45d9-92bf-9b57a7f1f935&oauth_callback_confirmed=true
Gadget
http://www.opensocial.org/Technical-Resources/opensocial-spec-v09/Gadgets-API-Specification.html#gadgets.io.AuthorizationType