ARCHIVED: Using OpenSocial REST in the Orkut sandbox

Though the OpenSocial REST documentation implies you can experiment with the examples using the Unix wget command, you must make sure the URLs are signed and carry proper security information.

The fetchPerson() method in the OpenSocialClient.java class constructs a URL similar to (replacing orkut_user_id with an actual user ID number):

  http://sandbox.orkut.com/social/rest/people/orkut_user_id/@self

If you use this URL with wget or put it in your browser, you should see the error:

  HTTP request sent,  awaiting response...
  401 The request did not have a proper security token nor oauth message and unauthenticated requests are not allowed

The signed URL used in the REST operation looks like:

  http://sandbox.orkut.com/social/rest/people/orkut_user_id/@self?oauth_consumer_key=orkut.com%3A623061448914
  &oauth_nonce=1231537930162003000&oauth_timestamp=1231537930&oauth_signature=0h%2FU49KtBplnmnc%2BhDKsDxFPR9k%3D
  &oauth_signature_method=HMAC-SHA1&oauth_token=&xoauth_requestor_id=03067092798963641994&oauth_version=1.0

The URL is time stamped, so it's good for only one invocation.

To reproduce this, make the following change to DisplayProfileInfo.java:

  // c.setProperty(OpenSocialClient.Properties.RPC_ENDPOINT
  // "http://sandbox.orkut.com/social/rpc"\);
  c.setProperty(OpenSocialClient.Properties.REST_BASE_URI
  "http://sandbox.orkut.com/social/rest"\);

Then, add the following line to the OpenSocialBatch.java submitRest() method:

  OpenSocialRequestSigner.signRequest(request, client\); System.out.println("This is the post-signed REST url: " + request.getUrl(\).toString(\)\);

The base OpenSocialClient.java class is actually just a wrapper around the other classes. Although the client does not apparently support write operations, you can work around this by constructing the appropriate REST POST operation.