By kkinfy on

Hi Drupal Community,

I have been working on Drupal for the past two and a half years. I have written several custom modules for my projects as well as clients. Last month I had completed my first Drupal based Opensocial Application named 1$ Deal which has been approved in Orkut. Please check the URL http://tinyurl.com/1dollardeal

In this application I achieved a SSO between Social Network Container and Drupal Site as follows:

1) The Drupal Site will be rendered in IFRAME. The src attribute for IFRAME would carry several URL $_GET parameters including the unique orkut id, his name, city and country.
2) Drupal will retrieve the $_GET parameters and assign them to custom session variables. For example the orkut name will be stored in $_SESSION['openappsname'] and so on
3) Drupal then creates a new user with name derived from his unique opensocial id. This is to ensure that no two users get the same id.
4) If the user id is already present then Drupal just authenticates the session for the corresponding user
5) Thus with steps 3 and 4 I was able to achieve Single Sign On between Opensocial container and Drupal
6) Apart from SSO, I also managed to get other user information like his city, country , display name etc from opensocial container which assigned to custom session variables. Thus whenver user submits a Deal on my application, Drupal will keep the fields like name, city, country etc prefilled.
7) I also had written a function that would insert into a custom table the details of the user posted deal.
8) The opensocial gadget will periodically raise gadgets.io.makerequest ( cross domain AJAX ) that would retrieve information on deals posted by the current user and update his / her activity stream with his / her permission. Once information is processed from the table, a flag would be updated so that the record will not be processed again.

My Proposal

I would really love to share my logic with the community by working on a generic module. But being a young entrepreneur (age 26, former employee of Infosys Technologies, Bangalore) I am unable to afford to work on the same as I will have to take care of my office expenses. I am therefore attracted by the idea of reverse bounty.

Given the complexity of the logic and effort involved I would require atleast 3000 USD for the project.

LINK FOR DONATION : http://kkinfy.chipin.com/drupal-opensocial-sso-and-integration-module-de...

Thanks,
KK
(Kamalakannan)

Comments

coderintherye’s picture

coderintherye commented

Rendering in an IFRAME seems like a poor solution. Surely there must be a better way to accomplish this?

kkinfy’s picture

kkinfy commented

Hi,

Conventionally programmers have felt IFRAMES to be a poor solution, but there are certain areas where IFRAMES can be a blessing.

Take for example the opensocial applications which I am discussing about:

The architecture of a opensocial application goes like this:

The networking site implements opensocial specifications as given by google.The api is 100% XML and JS based and absolutely no cross domain AJAX calls are permitted.

(This is different from Facebook API where there are PHP client libraries available)

So this means anyways your application needs to reside on a third party server, which receives and processes request from networking containers via interfacing XML which is the middle man connecting the two worlds, network container and our application. Given this scenario, if you were to build a PHP system from scratch it would take a life time and why to re invent the wheel when you have the power of Drupal with you. So what if we can think of a compromising solution where we can go for IFRAMES ?

Traditionally programmers have been against IFRAMES for the fact that there could not be a proper communication channel between the parent application and iframes. But thanks opensocial API , they have come up with several methods that could help a seamless communication between containers. For example cross domain AJAX is possible with gadgets.io.makerequest and event REST requests are possible with two legged OAUTH

----

Given my thoughts, I would love to hear from other members to correct me if I am missing something.