You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shindig.apache.org by Cassie <do...@google.com> on 2008/07/08 19:28:21 UTC

Re: The perfect social service interfaces

On Wed, Jun 25, 2008 at 9:47 AM, Henning P. Schmiedehausen <hps@intermeta.de
> wrote:

> Cassie <do...@apache.org> writes:
>
> >  public ResponseItem<RestfulCollection<T>> getItems(UserId userId,
> >      GroupId groupId, String appId, Set<String> fields, SortOrder sort,
> >      SortDirection direction, FilterType filter,
> >      int first, int max, SecurityToken token);
>
> Why is "appid" needed? And especially, why is it in the method signature?


appId would be needed because with the restful spec you can request data or
activities for a specific app which does not necessarily have to be the
authorized app.


>
> Some background: We are using a shindig install, where the secure
> token is completely opaque and all information inside the token is
> never visible to the java side. App id is a part of this
> information. So we hand the token to our "backend", which also created
> the token in the first place and knows how to decode it and rely on
> the backend to find the right application.
>
> For our case, this whole API is unimplementable. We would basically use:


so the restful spec allows a sort order, a set of fields to filter by,
pagination etc for each of the url endpoints. if your service chooses not to
support those than that is fine, but we need to allow some containers to
support sorting or paginating of activities and what not. its just the most
general interface i suppose. does that sound ok?


>
>
> public ResponseItem<RestfulCollection<T>> getItems(Set<String> fields,
>    UserId userId,
>    GroupId groupId,
>     SortOrder sort,
>    SortDirection direction, FilterType filter,
>    int first, int max, SecurityToken token);
>
> And our implementation has a way of doing
>
> validate(userId, token); (Similar to getIds from PeopleService)
> String appId = someTransform(token);
>
> With "someTransform" either being a callback to our backend to get the
> information (bad, because roundtrippy) or better, we hand out all the
> needed stuff (fields, sort, direction, filter, first, max) and the
> token to the backend and it knows how to deal with this by looking
> into the token.
>
> BTW: When did groupId appear? Did I miss something? :-)


groupId comes from the rest urls as well - cause they all look like
/<type>/<userId>/<groupId>/...

like /people/john.doe/@friends or /people/john.doe/@self
so @friends or @self indicate the group. the restful spec also allows
arbitrary groups (as opposed to the special tokens)




>
>     Ciao
>        Henning
>
> --
> Henning P. Schmiedehausen  -- hps@intermeta.de | J2EE, Linux,
> 91054 Buckenhof, Germany   -- +49 9131 506540  | Apache person
> Open Source Consulting, Development, Design    | Velocity - Turbine guy
>
> INTERMETA - Gesellschaft fuer Mehrwertdienste mbH - RG Fuerth, HRB 7350
> Sitz der Gesellschaft: Buckenhof. Geschaeftsfuehrer: Henning Schmiedehausen
>
>   "Professor Peach in the library with the lead piping!" -- Donna
>