Building Opensocial Apps

Home , Google AdSense, Messages (Google)

Building OpenSocial Apps

A Field Guide to Working with the MySpace Platform

Chris Cole Chad Russell Jessica Whyte

AAddison-Wesley Upper Saddle River, NJ • Boston • Indianapolis • San Francisco New York • Toronto • Montreal • London • Munich • Paris • Madrid Capetown • Sydney • Tokyo • Singapore • Mexico City Contents

Foreword xvi Acknowledgments xviif About the Authors xix Introduction xxi

I: Building Your First MySpace Application

1 Your First MySpace App 3 Creating the App—"Hello World" 3 Step 1: Sign Up for a Developer Account 3 Step 2: Create an App 4 Step 3: Enter Your Source Code 4 Installing and Running Your App 7 Summary 7

2 Getting Basic MySpace Data 9 The Two Concepts That Every Developer Should Know 9 Basic Concepts: Owner and Viewer 9 Basic Concepts: Permissions for Accessing MySpace Data 10 Starting Our Tic-Tac-Toe App 10 Accessing MySpace User Data 11 Accessing Profile Information Using the opensocial.Person Object 15 Getting More than Just the Default Profile Data 18 opensocial.DataResponse and opensocial. Responseltem (aka, Using MySpace User Data) 19 Error Handling 24 Summary 27

3 Getting Additional MySpace Data 29 How to Fetch a Friend List and Make Use of the Data 29 Getting the Friend List 30 Filters and Sorts 31 Contents ix

Paging 32 Using the Data 37 Fetching Media 39 Photos 39 Albums and Videos 41 Using opensocial.requestPermission and opensocial.hasPermission to Check a User's Permission Settings 43 Summary 45

4 Persisting Information 47 App Data Store 47 Saving and Retrieving Data 48 Refactoring to Build a Local App Data Store 51 Cookies 56 Why You Shouldn't Use Cookies 57 Building the Cookie Jacker App 59 Third-Party Database Storage 64 Summary 65

5 Communication and Viral Features 67 Using opensocial.requestShareApp to Spread Your App to Other Users 67 Defining requestShareApp 70 Writing the requestShareApp Code 71 Calling requestShareApp 72 The requestShareApp Callback 72 Using opensocial.requestSendMessage to Send Messages and Communications 74 Defining requestSendMessage 75 Writing the requestSendMessage Code 76 Callback in requestSendMessage 78 Getting Your App Listed on the Friend Updates with opensocial.requestCreateActivity Basics 79 Defining opensocial.requestCreateActivity 79 Using the Template System to Create Activities 80 Data Types 80 Reserved Variable Names 81 Aggregation 82 Contents

Body and Media Items 82 Using the Template Editor to Create Templates 83 Using opensocial.requestCreateActivity 85 Sending Notifications 88 Summary 90

6 Mashups and External Server Communications 91 Communicating with External Servers 91 Mashups 92 Adding a Feed Reader to Our App 93 Overview of gadgets.io.makeRequest 94 Response Structure 96 Handling JSON Content 97 Handling Partial HTML Content 97 Handling RSS Feed Content 97 Handling XML Content 98 "User's Pick" Feed Reader 98 Setup and Design of the Feed Reader 98 FEED Content Type 104 XML Content Type with Parsing 105 TEXT Content Type 107 Adding a Feed Refresh Option 109 Feed Automation Candy 110 Secure Communication with Signed makeRequest 111 Adding an Image Search 112 Overview of JSONP 112 Implementing the Image Search 113 Posting Data with a Form 114 Summary 114

7 Rushing and Fleshing: Expanding Your App and Person-to-Person Game Play 117 Turn-Based Games 117 Design Overview 118 Adding FriendPicker 119 App Data Game Store 125 Supporting Person-to-Person Game Play 133 Contents xi

Adding P2P Game Play Support in the Game Engine 133 Adding User Feedback 135 Fleshing Out P2P Game Logic 138 Finishing and Clearing a Game 144 "Real-Time" Play 146 Advantages and Disadvantages of App Data P2P Play 148

Summary 148

II: Other Ways to Build Apps

8 OAuth and Phoning Home 153 What Is OAuth? 153 OAuth Libraries 154 Setting Up Your Environment 154 When Is OAuth Not OAuth? 157 Secure Phone Home 157 Unsigned GET Request 158 Signed POST Request 162 Testing Your OAuth Implementation Locally 166 Making Real MySpace Requests 169 Spicing Up the Home and Profile Surfaces Using makeRequest 173 Summary 174 9 External Iframe Apps 177 REST APIs 178 How a REST Web Service Is Addressed 178 Setting Up an External Iframe App 179 The Server Code 181 REST API List 183 The Client Code 197 Friends Web Service and Paging 199 The Profile Endpoint 203 Sending Messages Using IFPC 208 Using the 0.7 Container for postTo 210 The Friends Response from the REST API 211 Summary 212 xii Contents

10 OSML, Gadgets, and the Data Pipeline 213 The Big Picture 213 Gadget XML 214 Data Pipeline 214 OSML 214 Writing a Gadget 214 "Hello World" Gadget 214 Adding a Second Surface to the Gadget 217 Declaring and Using Basic Data 218 Data Pipelining 219 DataContext 220 Data Tags 220 In-Network versus Out-of-Network Data 221 Data Tags os:ViewerRequest and os:OwnerRequest 222 Data Tag os:PeopleRequest 222 Data Tag os:ActivitiesRequest 223 Data Tag os:DataRequest 223 JavaScript Blocks in OSML Apps 225 OpenSocial Markup Language (OSML) 225 Basic Display Tags 226 Remote Content Display Tags 226 Control Flow Tags 226 Putting It Together: OSML Tic-Tac-Toe 226 Setting Up the Gadget 227 Reusing Common Content 230 Working with Data 235 Displaying Data Lists 237 Summary 238

11 Advanced OSML: Templates, Internationalization, and View Navigation 239 Inline Tag Templates 239 Defining and Using a Tag Template 240 Using Client-Side Templates 242 Working with Subviews 245 Converting Tabs to Subviews 245 Contents xiii

HTML Fragment Rendering 248 Adding Content with os:Get 248 Adding Targeted Content with myspace:RenderRequest 249 Data Listeners 250 Displaying JSON Results with a Data Listener 251 Internationalization and Message Bundles 255 Creating Our First Message Bundle 256 Creating Translations of the Message Bundle 257 Including Translations in an App and Testing 258 Future Directions 260 Summary 261

III: Growth and How to Deal with It

12 App Life Cycle 265 Publishing Your App 265 What's Allowed, or Why So Many Apps Get Rejected 266 Dealing with Rejection 267 Contesting a Rejection 267 Managing Your App 274 Hiding and Deleting an App 274 Making Changes to a Live App (Multiple Versions) 274 Republishing a Live App 275 Changing the App Profile/Landing Page 275 Managing Developers 279 Managing Testers 279 Event Handling—Installs and Uninstalls 279 Suspension and Deletion of Your App 280 Summary 281

13 Performance, Scaling, and Security 283 Performance and Responsiveness 283 What Is Responsive Performance and What Is Scale Performance? 283 Design for Responsiveness 284 xiv Contents

Responsive OpenSocial App Performance Guidelines 285 Design for Scale 292 App Guidelines for Internet-Scale Performance 293 Stability and Fault Tolerance 299 Rule 1: Validate Inputs 299 Rule 2: Test OpenSocial DataResponse Objects for Errors 300 Rule 3: Provide Time-Outs and Error Flow 300 Rule 4: Don't Assume That Weird Error Was an Anomaly 300 User and Application Security 300 User Data Security 301 Application Security 301 Hacking and Cracking 302 Summary 303

14 Marketing and Monetizing 305 Using MySpace to Promote Your App 306 The App Gallery 306 App Profile, or Bringing Out the Bling 308 MySpace's Own MyAds 308 User Base and Viral Spreading 309 Listen to Your Customers 311 Ads 311 Google AdSense 311 Cubics 313 RockYou! Ads 314 Micropayments 316 PayPal 316 Boku 317 Others 318 Interviews with Successful App Developers 318 Dave Westwood: BuddyPoke (www.myspace.com/buddypoke) 318 Eugene Park: Flixster (www.myspace.com/flixstermovies) 321 Contents xv

Tom Kincaid: TK's Apps (www.myspace.com/tomsapps) 322 Dan Yue: Playdom (www.myspace.com/playdom) 324 Summary 326

15 Porting Your App to OpenSocial 0.9 329 Media Item Support 330 opensocial.Album 330 Fetching Albums 333 Fetching Media Items 335 Updating Albums and Media Items 338 Uploading Media Items 340 Simplification of App Data 341 REST APIs 343 Summary 348

References 351

Index 355