Year: 2010

Categories
PHP

Using the Facebook Graph API

I caught viral fever and decided to take the day off from work. To pass my leisure I decided to play with the Facebook APIs. I noticed that Facebook Platform has changed a lot. They have released the new “php-sdk” to let the devlopers integrate facebook into their own sites. Actually, they have released SDKs for other languages too (namely Python and JS). For playing with the toys at hand, I picked up the php-sdk and started browsing through the docs. Amazingly, Facebook has launched OAuth support. I am very happy about that. I no longer need to run my applications inside the facebook frame. Rather I can customize my contents for the facebook users. This is plain cool!

I downloaded the php-sdk and started off. But soon, I faced problem. The php-sdk is not well documented (in my opinion) and I had a very hard time figuring things out. It became even worse when I failed to test some of the features which are tightly integrated deep inside facebook. For example, I couldn’t find a way to construct some advanced URLs and also the sdk was not suitable for my debugging needs. The sdk is not poor, I later found it out to be strong but the main problem is it’s not much documented.

So, to try out things and to figure out how the Facebook OAuth works, I started writing my own codes. That helped though I struggled a bit to setup permissions. When I saw that the code is working fine, I chose to pack it up in a class file and rewrite the testing environment.

It took me 30 minutes to rewrite everything up. The package now contains the library and a console to test different methods.

You can download it from: http://masnun.googlecode.com/files/facebook-graph_API-oauth.zip

Extract it into a directory on your website. Register a facebook application. Go through the traditional setup. Please remember to add your domain name on the Connect tab of the application you created 🙂 Edit the config.php and visit the index.php using your browser. You’ll be redirected to Facebook without a word. When you authorize and return, you get a fine console to test things out and see for yourself! 😀

Lets see a quick intro to the library (facebook.php) 🙂

Facebook requires you to redirect the user to an authorization URL with your client id and the callback url. So, we first do this:

You have to ask for permissions on Authorization. I couldn’t get to make the user extend permissions on the post authorization phase. So, I have included **ALL** available permissions in the config.php. Permission is what I suffered with most. If you use my library, it’ll ask the user for all permissions so that you can test everything out. I know you won’t need all those permissions in production environment. Just comment out the ones you don’t want!

Facebook returns the user to the $callback_url with a GET parameter named “code” with others. By using this code with the application secret and callback url, we can get the access_token for the user 🙂 We can do that easily using the client :

getAccessToken() retrieves the access_token from the facebook server. setAccessToken() adds the token to the facebook object and makes it ready to make api calls.

The $data is an array with the keys – access_token and expires. After we set the access token, we can make API calls from the client. For the details on API Paths, please visit: http://developers.facebook.com/docs/api 🙂

I really liked the new structure of the facebook API. The previous API was bloated and sometimes very hard to implement. I do thank Facebook very much for making things easy for the developers!

Categories
PHP Python

Setting Up Twitter Bots with OAuth

Twitter has decided to kill Basic Authentication on the Twitter API from June 30. They have setup a nice website at http://www.countdowntooauth.com/ to let you all know and help you migrate your apps to use the OAuth 🙂

OAuth is cool. It’s safe and secure for the end user. It’s convenient for the developers as well. Basic Auth entirely depends on the username and password of the user. But if you wish to carry out an in-app transaction, then you’d have to seek the services from Fully-Verified to carry out a KYC verification.

The developer can do whatever s/he wishes with the user account as long as the user doesn’t change the password. On the other hand, if the user for some reason changes his/her password, the application will no longer be able to access the account and provide the desired service. OAuth helps both parties here! When the user authenticates an app via OAuth, it provides the developer with an access token ( a key and a secret ) which is by no way related to the user’s password. It’s unique for every user and application pair. That is every user will have an unique access token only for that application. Now even if the user changes the password, the access token will remain unchanged. The developer can safely store the token and use that to access the user’s account without hassle. Similarly, if the user wants to revoke the access permitted to an application, he or she can easily do that. In that case, the access token becomes invalid and the application loses access to that account.

In the Basic Auth age, it was very easy to develop twitter bots. You just setup the username and password into a configuration file, call the REST API with the login details and you’re done! Yeah, it was quite easy. But it’s not harder now 🙂 Don’t fret, OAuth is also very simple and easy to implement for twitter bots. While you need to go through a two phase OAuth dance to authorize other users, Twitter displays the access token of the developer directly into the dashboard! Thanks to Twitter for making things so plain for developers! With your own access token, you can authorize your apps directly without any further verification.

To get the access token, first go to : http://dev.twitter.com. Login if you’re not already logged in. Use the twitter ID you want to run as a bot. Go to http://dev.twitter.com/apps by clicking the “Your Apps” on top right corner. You will see a list of applications under the logged in twitter account. One big advantage of the basic auth was that you didn’t need to create applications. But now you need! Create an application if you don’t already have one created. In most cases you won’t have one since this is probably the first time you’re using OAuth. In that situation, please create an application. Note down the Consumer Key and Consumer Secret after visiting the application page by clicking on any of the application name. Now, on the right hand navigation bar, you’ll see “My Access Token”. Please visit that section and retrieve your Access Token and Access Token Secret. That’s all we needed. Now let’s do some coding to demonstrate the use of these keys and secrets.

We first need to get a Twitter Client library. If you’re already using one, just check to make sure that it has OAuth support. The work flow is simple. First construct the client with the consumer key and consumer secret. Then set the access token key and the access token secret. Now use the client to make Twitter API calls, in our case, to update statuses!

You can get the OAuth libraries from : http://dev.twitter.com/pages/oauth_libraries . But I recommend using Tweepy with Python and Abraham’s TwitterOAuth with PHP . They are not generic OAuth clients. They were built for Twitter and you don’t need to configure any extra parameters to make it work with Twitter.

Here’s the code samples on how to use the libraries to update status via OAuth.

PHP (Abraham’s TwitterOAuth)

Python (Tweepy)

Categories
Python

Quick GUI Development with wxPython and wxGlade

I don’t know C or C++ that much to develop GUI applications. I hate Java and I’m not really ready to type lines after lines to develop very simple applications. PHP and Python are the only available solutions to me. For PHP, I have PHP-GTK, WinBinder and some obsolete tools like wxPHP, php-tk and a few others. For Python, I have PyGTK, PyQT, Tk and wxPython. I have experimented with PHP-GTK, WinBinder, PyGTK, Tk and wxPython. In fact when I first tried to learn python around a year back, I first started with wxPython but ended up with nothing. Time has passed. I want to develop cross platform applications. So, I had to leave WinBinder which is Windows only. I don’t really like the idea of running Windows apps with Wine. I stuck to PHP-GTK for a while and tried PyGTK too. I liked Tk as well. With Windows installation of Python, they ship Tk. But it was not a very rich tool to develop complex GUI applications. While I liked PHP-GTK, I had to admit PHP is not really suitable for developing desktop GUI apps. I loved the flexibility and strength of Python. I experimented with both PyGTK and wxPython. I didn’t try PyQT though. I use Ubuntu (Gnome) and don’t like KDE much.

Among these two, I will definitely go for wxPython. Because applications developed with wxPython is very easy to deploy on both Windows and Linux. And it’s really very easy to finish the layout using the wxGlade tool. wxGlade generates the skeleton Python code in a beautiful way. It defines all the event handlers as well. The code is very well structured. It subclasses the wx.Frame class and defines specific methods for setting the different properties and laying the widgets out. So, if you ever need to tweak the GUI a bit, you’ll know where to find what 🙂

Here’s the source code of a tabbed application I built in just 5 minutes. It has a “Home” button. When you click the button, it opens a new browser and takes you to my website.

I wrote only two lines of code.

Here is the full source code: