cs243 review session - stanford universitycourses/cs243/lectures/cs243reviewsession0226.pdfthe oauth...
TRANSCRIPT
![Page 1: CS243 Review Session - Stanford Universitycourses/cs243/lectures/CS243ReviewSession0226.pdfThe OAuth model 1.Userclicksonbutton 2.Redirecttologinpagebyserviceprovider 3.Userapproveslogin](https://reader034.vdocuments.mx/reader034/viewer/2022050516/5fa07efb2deb2c40df00c14a/html5/thumbnails/1.jpg)
CS243 Review Session
Giovanni Campagna
Stanford University
February 26th, 2016
![Page 2: CS243 Review Session - Stanford Universitycourses/cs243/lectures/CS243ReviewSession0226.pdfThe OAuth model 1.Userclicksonbutton 2.Redirecttologinpagebyserviceprovider 3.Userapproveslogin](https://reader034.vdocuments.mx/reader034/viewer/2022050516/5fa07efb2deb2c40df00c14a/html5/thumbnails/2.jpg)
Today’s topic
I The homeworkI Analysis of existing interfaces
![Page 3: CS243 Review Session - Stanford Universitycourses/cs243/lectures/CS243ReviewSession0226.pdfThe OAuth model 1.Userclicksonbutton 2.Redirecttologinpagebyserviceprovider 3.Userapproveslogin](https://reader034.vdocuments.mx/reader034/viewer/2022050516/5fa07efb2deb2c40df00c14a/html5/thumbnails/3.jpg)
The homework
I Posted on the website yesterdayI Due next Thursday (March 3rd)I Task 1: write two appsI Task 2: write an interface and an app
![Page 4: CS243 Review Session - Stanford Universitycourses/cs243/lectures/CS243ReviewSession0226.pdfThe OAuth model 1.Userclicksonbutton 2.Redirecttologinpagebyserviceprovider 3.Userapproveslogin](https://reader034.vdocuments.mx/reader034/viewer/2022050516/5fa07efb2deb2c40df00c14a/html5/thumbnails/4.jpg)
Task 0: setting up ThingEngine
I If you have not already, go do it nowI If it does not work, come to me after the sessionI Go apply for developer account too!
![Page 5: CS243 Review Session - Stanford Universitycourses/cs243/lectures/CS243ReviewSession0226.pdfThe OAuth model 1.Userclicksonbutton 2.Redirecttologinpagebyserviceprovider 3.Userapproveslogin](https://reader034.vdocuments.mx/reader034/viewer/2022050516/5fa07efb2deb2c40df00c14a/html5/thumbnails/5.jpg)
Task 1: write two apps
I Look at the examples that are already in the collectionI Look for the supported interfaces in the dev portalI Look at the ThingTalk documentation in the dev portal
![Page 6: CS243 Review Session - Stanford Universitycourses/cs243/lectures/CS243ReviewSession0226.pdfThe OAuth model 1.Userclicksonbutton 2.Redirecttologinpagebyserviceprovider 3.Userapproveslogin](https://reader034.vdocuments.mx/reader034/viewer/2022050516/5fa07efb2deb2c40df00c14a/html5/thumbnails/6.jpg)
Testing apps
![Page 7: CS243 Review Session - Stanford Universitycourses/cs243/lectures/CS243ReviewSession0226.pdfThe OAuth model 1.Userclicksonbutton 2.Redirecttologinpagebyserviceprovider 3.Userapproveslogin](https://reader034.vdocuments.mx/reader034/viewer/2022050516/5fa07efb2deb2c40df00c14a/html5/thumbnails/7.jpg)
Task 2: write an app and an interface
I Choose what interface you want, and sign up for itI Different groups => different interfaces!
![Page 8: CS243 Review Session - Stanford Universitycourses/cs243/lectures/CS243ReviewSession0226.pdfThe OAuth model 1.Userclicksonbutton 2.Redirecttologinpagebyserviceprovider 3.Userapproveslogin](https://reader034.vdocuments.mx/reader034/viewer/2022050516/5fa07efb2deb2c40df00c14a/html5/thumbnails/8.jpg)
The existing code
I https://github.com/Stanford-IoT-Lab/thingpedia-common-devices
I One folder per thing, with manifests at the top
![Page 9: CS243 Review Session - Stanford Universitycourses/cs243/lectures/CS243ReviewSession0226.pdfThe OAuth model 1.Userclicksonbutton 2.Redirecttologinpagebyserviceprovider 3.Userapproveslogin](https://reader034.vdocuments.mx/reader034/viewer/2022050516/5fa07efb2deb2c40df00c14a/html5/thumbnails/9.jpg)
A simple interface: Body Trace Scale
const Tp = require(’thingpedia’);module.exports = new Tp.DeviceClass({
Name: ’BodyTraceScaleDevice’,Kinds: [’scale’],_init: function(engine, state) {
this.parent(engine, state);this.serial = state.serial;this.username = state.username;this.password = state.password;this.uniqueId = ’com.bodytrace.scale-’ + this.serial;this.name = "BodyTrace Scale " + this.serial;this.description = "This is a BodyTrace Scale "
+ "owned by " + this.username;},
});
![Page 10: CS243 Review Session - Stanford Universitycourses/cs243/lectures/CS243ReviewSession0226.pdfThe OAuth model 1.Userclicksonbutton 2.Redirecttologinpagebyserviceprovider 3.Userapproveslogin](https://reader034.vdocuments.mx/reader034/viewer/2022050516/5fa07efb2deb2c40df00c14a/html5/thumbnails/10.jpg)
Handling Auth
I Option 0: no auth at allI Option 1: username and passwordI Option 2: OAuth
![Page 11: CS243 Review Session - Stanford Universitycourses/cs243/lectures/CS243ReviewSession0226.pdfThe OAuth model 1.Userclicksonbutton 2.Redirecttologinpagebyserviceprovider 3.Userapproveslogin](https://reader034.vdocuments.mx/reader034/viewer/2022050516/5fa07efb2deb2c40df00c14a/html5/thumbnails/11.jpg)
The OAuth model
1. User clicks on button2. Redirect to login page by service provider3. User approves login4. Redirect to our server with auth code5. Server calls service provider to convert auth code into access
token6. Server uses access token to make requests
![Page 12: CS243 Review Session - Stanford Universitycourses/cs243/lectures/CS243ReviewSession0226.pdfThe OAuth model 1.Userclicksonbutton 2.Redirecttologinpagebyserviceprovider 3.Userapproveslogin](https://reader034.vdocuments.mx/reader034/viewer/2022050516/5fa07efb2deb2c40df00c14a/html5/thumbnails/12.jpg)
The OAuth model & you
1. User clicks on button2. Your code sets up the redirect3. Redirect to login page by service provider4. User approves login5. Redirect to our server with auth code6. Your code calls service provider to convert auth code
into access token7. Your code uses access token to make requests
![Page 13: CS243 Review Session - Stanford Universitycourses/cs243/lectures/CS243ReviewSession0226.pdfThe OAuth model 1.Userclicksonbutton 2.Redirecttologinpagebyserviceprovider 3.Userapproveslogin](https://reader034.vdocuments.mx/reader034/viewer/2022050516/5fa07efb2deb2c40df00c14a/html5/thumbnails/13.jpg)
OAuth in Jawbone
UseOAuth2: Tp.Helpers.OAuth2({kind: ’com.jawbone.up’,client_id: ’v3sYocgyPaE’,client_secret: ’...’,scope: [’basic_read’, ’extended_read’, ...],authorize: ’https://jawbone.com/auth/oauth2/auth’,get_access_token: ’https://jawbone.com/auth/oauth2/token’,callback: // callback when OAuth is done
})
![Page 14: CS243 Review Session - Stanford Universitycourses/cs243/lectures/CS243ReviewSession0226.pdfThe OAuth model 1.Userclicksonbutton 2.Redirecttologinpagebyserviceprovider 3.Userapproveslogin](https://reader034.vdocuments.mx/reader034/viewer/2022050516/5fa07efb2deb2c40df00c14a/html5/thumbnails/14.jpg)
Completing Authcallback: function(engine, accessToken, refreshToken) {
var auth = ’Bearer ’ + accessToken;return Tp.Helpers.Http.get(
’https://jawbone.com/nudge/api/v.1.1/users/@me’,{ auth: auth,
accept: ’application/json’ }).then(function(response) {
var parsed = JSON.parse(response);return engine.devices.loadOneDevice({
kind: ’com.jawbone.up’,accessToken: accessToken,refreshToken: refreshToken,userId: parsed.data.xid,userName: parsed.data.first + ’ ’ +
parsed.data.last },true);
});}
![Page 15: CS243 Review Session - Stanford Universitycourses/cs243/lectures/CS243ReviewSession0226.pdfThe OAuth model 1.Userclicksonbutton 2.Redirecttologinpagebyserviceprovider 3.Userapproveslogin](https://reader034.vdocuments.mx/reader034/viewer/2022050516/5fa07efb2deb2c40df00c14a/html5/thumbnails/15.jpg)
More complex forms of Auth
I That was OAuth 2.0, aka "good OAuth"I Twitter uses OAuth 1.0I Singificantly less standardI Solve that by providing custom code in UseOAuth2 hook
![Page 16: CS243 Review Session - Stanford Universitycourses/cs243/lectures/CS243ReviewSession0226.pdfThe OAuth model 1.Userclicksonbutton 2.Redirecttologinpagebyserviceprovider 3.Userapproveslogin](https://reader034.vdocuments.mx/reader034/viewer/2022050516/5fa07efb2deb2c40df00c14a/html5/thumbnails/16.jpg)
Packaging up your device
{"name": "thingengine-device-bodytrace-scale","version": "1.0.0","description": "BodyTrace Scale support in ThingEngine","author": "Stanford IoT lab","main": "device.js","dependencies": {
"q": "~1.4.1"}
}
![Page 17: CS243 Review Session - Stanford Universitycourses/cs243/lectures/CS243ReviewSession0226.pdfThe OAuth model 1.Userclicksonbutton 2.Redirecttologinpagebyserviceprovider 3.Userapproveslogin](https://reader034.vdocuments.mx/reader034/viewer/2022050516/5fa07efb2deb2c40df00c14a/html5/thumbnails/17.jpg)
Testing your device
![Page 18: CS243 Review Session - Stanford Universitycourses/cs243/lectures/CS243ReviewSession0226.pdfThe OAuth model 1.Userclicksonbutton 2.Redirecttologinpagebyserviceprovider 3.Userapproveslogin](https://reader034.vdocuments.mx/reader034/viewer/2022050516/5fa07efb2deb2c40df00c14a/html5/thumbnails/18.jpg)
The submission page
I Thing ID: as described in the homeworkI Thing name and description: as shown in the dev portalI Always check "This interface requires additional JS code"
![Page 19: CS243 Review Session - Stanford Universitycourses/cs243/lectures/CS243ReviewSession0226.pdfThe OAuth model 1.Userclicksonbutton 2.Redirecttologinpagebyserviceprovider 3.Userapproveslogin](https://reader034.vdocuments.mx/reader034/viewer/2022050516/5fa07efb2deb2c40df00c14a/html5/thumbnails/19.jpg)
The manifest
{"auth": { "type": "oauth2" },"types": ["online-account"],"global-name": "google","params": {},"triggers": {},"actions": {}
}
![Page 20: CS243 Review Session - Stanford Universitycourses/cs243/lectures/CS243ReviewSession0226.pdfThe OAuth model 1.Userclicksonbutton 2.Redirecttologinpagebyserviceprovider 3.Userapproveslogin](https://reader034.vdocuments.mx/reader034/viewer/2022050516/5fa07efb2deb2c40df00c14a/html5/thumbnails/20.jpg)
Triggers and actions
module.exports = new Tp.ChannelClass({Name: ’MyChannel’,_init: function(engine, device) {// constructor},_doOpen: function() {// start},_doClose: function() {// stop}
});
![Page 21: CS243 Review Session - Stanford Universitycourses/cs243/lectures/CS243ReviewSession0226.pdfThe OAuth model 1.Userclicksonbutton 2.Redirecttologinpagebyserviceprovider 3.Userapproveslogin](https://reader034.vdocuments.mx/reader034/viewer/2022050516/5fa07efb2deb2c40df00c14a/html5/thumbnails/21.jpg)
The easy part: actions
module.exports = new Tp.ChannelClass({Name: ’TwitterSinkChannel’,Extends: Tp.SimpleAction,_init: function(engine, device) {
this.parent();this._twitter = // make twitter API client
},
_doInvoke: function(status) {console.log(’Posting Twitter status’, status);
this._twitter.postTweet({ status: status }, function(err) {console.log(’Tweeting failed: ’ + err);
}, function() { });}
});
![Page 22: CS243 Review Session - Stanford Universitycourses/cs243/lectures/CS243ReviewSession0226.pdfThe OAuth model 1.Userclicksonbutton 2.Redirecttologinpagebyserviceprovider 3.Userapproveslogin](https://reader034.vdocuments.mx/reader034/viewer/2022050516/5fa07efb2deb2c40df00c14a/html5/thumbnails/22.jpg)
Polling triggers
module.exports = new Tp.ChannelClass({Name: ’RESTPollingChannel’,interval: 3600 * 1000 * 3,_init: function(engine, device) {
this.parent();this.url = ...;
},
_onResponse: function(response) {// handle response
}})
![Page 23: CS243 Review Session - Stanford Universitycourses/cs243/lectures/CS243ReviewSession0226.pdfThe OAuth model 1.Userclicksonbutton 2.Redirecttologinpagebyserviceprovider 3.Userapproveslogin](https://reader034.vdocuments.mx/reader034/viewer/2022050516/5fa07efb2deb2c40df00c14a/html5/thumbnails/23.jpg)
Handling the response
_onResponse: function(response) {return Q.nfcall(xml2js.parseString, response).then(function(result) {
var temp = result.weatherdata[’product’][0].time[0];var time = new Date(temp.$.to);var temperature = temp.location[0]
.temperature[0].$.value;var humidity = temp.location[0]
.humidity[0].$.value;var event = [time, temperature, humidity];
this.emitEvent(event);}.bind(this));
}
![Page 24: CS243 Review Session - Stanford Universitycourses/cs243/lectures/CS243ReviewSession0226.pdfThe OAuth model 1.Userclicksonbutton 2.Redirecttologinpagebyserviceprovider 3.Userapproveslogin](https://reader034.vdocuments.mx/reader034/viewer/2022050516/5fa07efb2deb2c40df00c14a/html5/thumbnails/24.jpg)
Other examples
I BodyTrace .sourceI SportRadar .nfl, .nba_team, .soccer_eu_team
![Page 25: CS243 Review Session - Stanford Universitycourses/cs243/lectures/CS243ReviewSession0226.pdfThe OAuth model 1.Userclicksonbutton 2.Redirecttologinpagebyserviceprovider 3.Userapproveslogin](https://reader034.vdocuments.mx/reader034/viewer/2022050516/5fa07efb2deb2c40df00c14a/html5/thumbnails/25.jpg)
What about Jawbone?
I Jawbone has many very similar endpointsI source.js has the common codeI Each channel instantiates source.js
![Page 26: CS243 Review Session - Stanford Universitycourses/cs243/lectures/CS243ReviewSession0226.pdfThe OAuth model 1.Userclicksonbutton 2.Redirecttologinpagebyserviceprovider 3.Userapproveslogin](https://reader034.vdocuments.mx/reader034/viewer/2022050516/5fa07efb2deb2c40df00c14a/html5/thumbnails/26.jpg)
Better than polling
I Set up persistent HTTP connectionI Handle items as they comeI Example: Twitter .source
![Page 27: CS243 Review Session - Stanford Universitycourses/cs243/lectures/CS243ReviewSession0226.pdfThe OAuth model 1.Userclicksonbutton 2.Redirecttologinpagebyserviceprovider 3.Userapproveslogin](https://reader034.vdocuments.mx/reader034/viewer/2022050516/5fa07efb2deb2c40df00c14a/html5/thumbnails/27.jpg)
Recap: what to look at
I BodyTrace: password auth, stateful polling triggerI Sportradar: stateless polling triggerI Jawbone: simple OAuthI Twitter: complex OAuth, non-polling trigger
![Page 28: CS243 Review Session - Stanford Universitycourses/cs243/lectures/CS243ReviewSession0226.pdfThe OAuth model 1.Userclicksonbutton 2.Redirecttologinpagebyserviceprovider 3.Userapproveslogin](https://reader034.vdocuments.mx/reader034/viewer/2022050516/5fa07efb2deb2c40df00c14a/html5/thumbnails/28.jpg)
What NOT to look at
I Do not look atI Google, Facebook (stubs)I Bluetooth Generic (placeholder)I Heatpad (XMPP & hacky)I Test (mock device)I Weather (broken)I LinkedIn (is a "generic device")
![Page 29: CS243 Review Session - Stanford Universitycourses/cs243/lectures/CS243ReviewSession0226.pdfThe OAuth model 1.Userclicksonbutton 2.Redirecttologinpagebyserviceprovider 3.Userapproveslogin](https://reader034.vdocuments.mx/reader034/viewer/2022050516/5fa07efb2deb2c40df00c14a/html5/thumbnails/29.jpg)
Further help
I Hackathon sessions tomorrow (Saturday) and MondayI 2pm to 5pm in Gates 409I Come and talk to me if you’re attempting extra-creditI Come and talk to me if you want to roll your own ThingPedia