Code I/O

A topnotch site

OAuth and Open Data Protocol: Security and data modeling in an “open” way

Leave a comment

Bringing information from various places of interest [namely: News, Social Networks, Emails] has become a common requirement these days, however this brings common challenges in the area of collecting and unifying information from different places.

Firstly, one must be able to connect with various sources.  Secondly bringing information to a common place by understanding the varying structures [RSS, ATOM, GRAPH, more…] for existing information and representing it a well defined unified format.

OAuth comes to the rescue for the first challenge, and for the next challenge of representing information collected from various sources; one can take approach of open data protocol.  To take a similar approach; I recommend using ATOM as a preferred data model to represent and consume information.

In this post I am sharing my experience on OAuth, its benefits, and some tools to play with.  if you’re interested, I recommend you to play with it.

OAuth Protocol and initiative helps to resolve the first challenge (connecting to multitude sources).  As more services implement OAuth; it will become the de-facto protocol for connectivity.  Though there are some exceptions to it, like Google and Facebook, who add their own custom parameters which might make consumers scramble when it comes to choosing a good OAuth library.

One good OAuth library I found is Scribe, this is so far the best one I’ve come across.  Using such simple interfaces helps one to embrace OAuth instead of scaring them away; otherwise, consuming such services will really become a nightmare.

What you must have to start using OAuth:

  • Obtain your consumer key and secret from the service provider.
  • Store this credentials for you application in a secure way; the secret must be safe guarded as it is the password for your application.
  • Once you’ve the key/secret.  You must get 3 URI to play with.
  • The Request Token URL: The endpoint URL required to ask for a request token
  • The Authorize URL: The endpoint URL to redirect to when the request token has been obtained
  • The Access token URL: The endpoint URL to finally get the access token to enable your application consume the service.

When you’ve all the above information, you can use the API to connect and have some fun.  The most simplest way is to use the OAuth playground and try out the entire process.  This will give you an idea about how OAuth functions.

For representing information in ATOM format; Apache’s Abdera project will be a preferable choice.  Further to enhance it into Activity streams, abdera-activitystreams project is worth considering.

What can one do with both such wonderful tools? The best thing is to unify information … however most of them are doing it as of today; but they are PHP, Ruby on Rails initiatives, having such a wonderful framework for enterprise applications written in Java will be a nice thing to have to speed up projects to consume such information.

I personally call this initiative ‘Atomator’, the process of atomifying information; the purpose of this is be to provide a Java framework that can be used by anyone wanting to consume information from various sources, and add support to the framework that are not, very conveniently.

Currently, I’ve added support for the following:

  • SAP Streamwork
  • Google Mail
  • LinkedIn
  • Twitter
  • TripIt
  • RSS feeds
  • ATOM feeds

Adding few more “commonly” used sources will make this component a generic framework.  As well, I believe that Atomator can become a very interesting project for the open source community.  Let me know what you think of it.  Feel free to talk to me if you’re interested in knowing more about it.

Now having a framework like that can enable you to build excellent tools for various business scenarios for the cloud, desktop and mobile platform.

Tech fact: Did you know you could consume e-mail as atom feed? At least Google does that via

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s