Thanks for sending the patch through! Having taken a quick glance at the patch I do still have a few concerns about the design choice to hang the custom code of the core classes; Unfortunately I'm all but underway to some developer conferences so don't have the time to do a deep dive into it right now.
However someone on the client-libraries list might, and if not I'll get on it mid next week.
---------- Forwarded message ----------
From:
smart_zoosk <sma...@gmail.com>
Date: Mon, Nov 2, 2009 at 9:00 PM
Subject: Re: Hi5 Rest implementation, would like to contribute
To: Chris Chabot <
cha...@google.com>
Hi5 uses an RSA public key to sign messages sent to consumers, but you
never sign messages to send to them. Their OS 0.8 REST end-points are
not authorized. Also, their non-OS rest end-points use a non-standard
3-legged auth, whereby you send username / password of a app user to
their plain/auth end-point in order to get a temporary access token.
This gives you access to messaging, etc. It is a pretty whack auth
scheme because in practice, you use ANY user's email/pass and get
access to all the REST services.
Anyhow, I made a diff file so you can see the changes against v1.1.0:
http://dl.getdropbox.com/u/288065/osapi_diff.txt
There are also some bug fixes in there which may or may not be already
fixed in the most recent build. I need to catchup with the latest
build at some point.
Typical use example:
// build a external rest object (external meaning non-OpenSocial)
$hi5Rest = new Hi5RestIO($apiKey, null, $osapiStorage);
// build a hi5 provider object
$servProvider = new osapiHi5Provider();
// get the auth token, which may be already cached by the
$osapiStorage
$hi5AuthToken = $hi5Rest->authPlain($userEmail, $userPassword);
// check the type returned
if ($hi5AuthToken instanceof Hi5AuthToken) {
// we have a successful hi5 auth token. Set rest access
$hi5Rest->setAccessToken($hi5AuthToken);
}
// ...
// some various code here
// ...
// send a notificaiton
$hi5Rest->sendNotification($body, $userId);