1 / 30

Consumer Training

Consumer Training. A simple start, endless possibilities. Agenda. Authentication OAuth 2 Getting a Token* Supporting more of OAuth 2 Other Authentication Methods Basic SIF_HMACSHA256 Other SSO Solutions Synchronization of Data Dump & Pump* Changes Since Other Options

kristenf
Download Presentation

Consumer Training

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Consumer Training A simple start, endless possibilities.

  2. Agenda • Authentication • OAuth 2 Getting a Token* • Supporting more of OAuth 2 • Other Authentication Methods • Basic • SIF_HMACSHA256 • Other SSO Solutions • Synchronization of Data • Dump & Pump* • Changes Since • Other Options • User Interaction • Finding Yourself • Manually* • Automatically • Service Paths • Combining What we Have Learned • A Cloud Resource for a Course* • Authenticating Your Users • Conclusions • Questions & Answers • More A4L APIs

  3. Resources • New RICone Site • http://sandbox.ricone.org/ • Public access to OAuth server! • GitHub Site • https://github.com/RIConeorg/ • A modern API approach. • Year Old Examples Follow • Library should now be universally applicable! • Please compare slides with the following link. • http://www.ricone.org/vendors/ric-one-api/java-client-developers-guide/

  4. Authentication

  5. OAuth 2 Getting a Token

  6. OAuth 2 Getting a Token • Make sure you library is using http://auth.ricone.org/login • Java • src/main/java/Authenticator.java:22 • Tests should now succeed (no feedback).

  7. OAuth 2 Java Code importriconeapi.models.authentication.*; /** * * @author jlovell */ publicclassRosterAPIDemo{ // See: https://docs.google.com/document/d/1hcsDn18eXuPHU_W6VJo2S0cTm3JvYIKjGocrU9JF07k/pub staticfinal String username = "Demo3"; staticfinal String password = "Demo3"; /** * Fires a consumer SIF 3 xPress Roster demo. * * @paramargs the command line arguments */ publicstaticvoidmain(String[]args){ // So we know we have started. System.out.println("SIF 3 xPress Roster"); // OAuth 2 Get a Token Authenticator auth=null; auth=new Authenticator(username, password); // So we know we succeeded. if(null!=auth){ System.out.print("Token: "); System.out.println(auth.GetUserInfo().getToken()); }

  8. OAuth 2 Java Output • SIF 3 xPress Roster • Token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhcHBsaWNhdGlvbl9pZCI6IkRlbW8zIiwiaWF0IjoxNDU0NzEwMjE1LCJleHAiOjE0NTQ3MTM4MTUsImlzcyI6Imh0dHA6Ly9zZWN1cml0eS5vbmVhcGlkZXYub3JnLyJ9.NX-lRIZngcelr31dIa-QWNRfTm7mDcHLSira0hnwakI

  9. Supporting More of OAuth • http://www.slideshare.net/aaronpk/an-introduction-to-oauth2

  10. Other Authentication Methods • Basic • Standard • Reversible & Replayable • Debug • SIF_HMACSHA256 • A4L Defined • One Way & No Replay • Other SSO Solutions • Solution Templates

  11. Synchronization of Data

  12. Dump & Pump • A4L’s Batch Mode • Good For: • Initial Synchronizations • Nightly Synchronizations • One Time/Occasional Extracts • Immediate Display • Not Good For: • Real time systems • Large data sets

  13. Dump & Pump Java Code // Dump & Pump RicOneApiClientricOne=null; for(Endpoint e :auth.GetEndpoints()) { // So we work around the token experation issue. e.setHref("http://sandbox.ricone.org/api/requests/"); e.setToken("ZTk3MDcxZmItYmFiOS00ODYwLThiOTctNjM2OWZhYjk1Y2IxOlBhc3N3b3JkMQ&authenticationMethod=Basic"); // So we keep the last endpoint. ricOne=newRicOneApiClient(e); } List<XStaffType> staffs =null; if(null!=ricOne){ // So wehave the first five staff we can see. staffs=ricOne.sifXpress.GetXStaffs(1,5); } StringrefId=null; if(null!= staffs){ System.out.println("First five staff:"); for(XStaffType staff : staffs){ // So we keep the last refId. refId = staff.getRefId(); // So we show the first five staff we can see. System.out.print(staff.getName().getGivenName()); System.out.print(" "); System.out.print(staff.getName().getFamilyName()); System.out.print(" : "); System.out.println(refId);

  14. Dump & Pump Java Output • First five staff: • Felix Pomp : 936647C1-1568-4F43-9E75-00007A8B7ED4 • Lucy Waters : 8466A988-B906-4ABE-90EA-00A66745565C • Rashad Patterson : B0092C02-489B-4A8A-8BC6-0035DDEA8CBB • Leslie Huffington : 51C00935-083D-4A97-9661-003A861242A8 • Reuben Galloway : AC83A8B0-1959-4C13-A7AC-00991A77E4F5

  15. Changes Since • A4L’s Changed Records Mode • Good For: • Initial synchronizations • Nightly updates • Large data sets • Not Good For: • Real time systems

  16. Other Options • Delayed Requests • Actual Batch Requests • eTags • Events

  17. User Interaction

  18. Finding Yourself • A key part of any system is allowing a user to work with their data. • While some systems do this transparently, many do not. • Any consumer application connecting the user to SIF interactively should proactively ensure they are asking for that users data.

  19. Manually: Java Code // Find Yourself Manually staffs =newArrayList<XStaffType>(); if(null!=ricOne){ // So we get five staff at a time until we have them all. int max =ricOne.sifXpress.GetLastPage(5,SifXpress.ServicePath.GetXStaffs); for(int i =1; i <= max; i++){ staffs.addAll(ricOne.sifXpress.GetXStaffs(i,5)); } } if(null!=staffs){ System.out.println("All staff:"); for(XStaffTypestaff:staffs){ // So we show all the staff. System.out.print(staff.getName().getGivenName()); System.out.print(" "); System.out.print(staff.getName().getFamilyName()); System.out.print(" : "); System.out.println(staff.getRefId()); } }

  20. Something to Think About

  21. Manually: Java Output • Felix Pomp : 936647C1-1568-4F43-9E75-00007A8B7ED4 • Lucy Waters : 8466A988-B906-4ABE-90EA-00A66745565C • Rashad Patterson : B0092C02-489B-4A8A-8BC6-0035DDEA8CBB • Leslie Huffington : 51C00935-083D-4A97-9661-003A861242A8 • Reuben Galloway : AC83A8B0-1959-4C13-A7AC-00991A77E4F5 • Johnny Whitney : 757A8060-04BE-40B6-A5BC-0061B19B0513 • Desiree Tucker : 287320A6-70C9-4906-B141-001C52B4D48A • Upton Mccarthy : 54BBB4AC-2565-45C4-8E54-001DD426F85A • Angela Spears : 2BB64CFE-CD62-4BFE-BC23-0023B04C6AE5 • Casey Pitts : 99E6FF1F-938E-49AB-BE7E-0078C14AC8E3 • Ross Fowler : CA547F31-9A64-422F-A7DE-005921E84E25 • Josh Wertz : 4ED3B9A3-E037-4B4E-A8CF-008C5FE78243 • Meredith Conway : F55B7CE7-4087-4AC7-B2B0-00108B5715DA • Jorden Huffman : A7ED0945-DD92-46EB-9B54-006278789020 • Shad Moody : 28E7D248-816F-4FD1-B97F-00789FFD6307 • Casey White : CB563E02-A70D-4E3A-9579-001609C2E735 • Audra McArdle : 0C6920B5-7490-44D2-8CBA-005843B27BCD • Lamar Roach : 9AEA4206-D732-4DF1-8044-00238914E913 • Beth Acevedo : 3FA96218-31B7-4151-B131-003A78A03DDF • Jessamine Grant : D3A992DB-E6E0-4D56-B36D-007C49BB4D1E • Patience Blevins : 9AC61FEB-7990-4BC8-9127-009C500463B6 • Ciaran Jacobson : F408183C-B3A7-4624-BA69-00543FF4B15B • Iris Barry : 1D8906E3-4649-42C8-814E-008FF8865434 • Xantha Acevedo : 5931DF6E-73EE-47C4-B450-007EC4577DD4 • Jenette Valencia : 2D8AB54D-BC51-45F7-8529-003D102A830F • Emma Hoffman : 89D96A82-7BA6-4A45-8ACD-0035458639BC • Emi Ray : DB8C3FCF-AD9E-4715-BADB-001C2CC0C0EC • Ezra Welch : 7C9C55DF-6CE4-421A-A60A-00705555FDEF • Patience Douglas : 8AD20DFC-C731-434E-906A-0075EF3DC252 • Brian Huffman : 36DC3FF4-4B55-44AA-9FD5-008E55DE6063 • Harding Leach : 55E38237-E44E-49D6-98EB-0066804612D3 • Emi Smith : 15BBA211-E5D2-4ACA-A1FE-00030FC15C7D • Wendy Chase : EEBC5388-51D4-4E05-848A-007F06F8C5B0 • Patience Neil : F629CA37-889F-4269-96C2-001A90CA21C9 • Maite Wertz : 61126B90-2AF9-4176-9377-005686D1B855 • Eric Donaldson : D8B7E8AC-ACD5-4224-A134-00140BBDEB5A • Allistair Hewitt : 0C84B585-A99A-4372-8176-008BA2BD1A1F • Hakeem Hodge : 159FF5E1-BB04-4B96-9E15-00823AD77126 • Allistair Ortiz : F84C89BF-51C0-440D-B66C-000C48CFDA6A • Reuben Sears : B50CA6C1-D75F-4C0B-915F-00989B22B457 • Kirby Pena : 6D04B546-7618-4A17-BAFB-0024489A9B78 • Brandon Olson : 0A363E64-8A65-4873-A971-006192DE8D55 • Christian Peterson : 7975B54E-8025-4A8E-BDF9-0001739C3DEA • Kristin Keith : 6C1C6566-1FC2-4BD0-B22D-0089FAD08361 • Wang Tran : AF3AAC9E-D68D-49AB-AA01-007DD8F3E69C • Astra Baker : F9E00EAB-8ACF-4436-A4E5-0027BED938E4 • Cara Hill : A90CD71D-F2D3-4FAD-B9AA-004FF6DEE142 • Will Chavez : 64A9F4DD-4362-4894-A0F4-0020F9CD98C2 • Brad Herring : 9DB0224B-80BE-4094-8510-007BABF0BE61 • Mallory Hoffman : 83816AA4-723D-4AED-A5A6-00A8F588BDA7 • Noelle French : 2AF3763B-AD9E-430B-A252-007DE2028A01 • Allegra Gallegos : 35A20CE9-E563-41EA-B023-003D765941F1 • Dan Fowler : 174430E1-6529-4332-8196-00254C65E175 • Nancy Battle : 6BAAF636-1D54-445E-AED6-007A93AB6F7C • Destiny Smith : 31C0AE21-B978-4D3C-A7CE-0007158B3C91 • Wing Maker : A8E3E193-F455-49DE-B889-004D1C638650 • Cade Wade : 8E46FE70-DF10-4040-9369-0079DBB35C69 • Hamilton Smith : 8ECC331A-E9C5-4DBF-BC3E-008B187F29A0 • Josh Castaneda : 4BFCC579-104F-4712-BCF8-004A1D03B15D • Anthony Sosa : 02345889-4B79-4289-B99B-0076651A9C18 • Astra Neil : F44CEDA6-5D2D-444F-941A-00152B9FF4FE • Jennifer Rich : C1AD2A61-9211-495E-9F86-00A39CDC2AC1 • Gregory Sutton : 9B3ADEE4-F332-450E-93C8-0082193102ED • Tanya Mullins : E2C2E707-1BDD-4B01-9659-003E8CBF9F3B • Hayley Willis : 1F181848-A97A-4B49-8784-00415AD0F442 • Ann Rhodes : 6C9E050E-9177-4C6A-AF02-0022276B7335 • Reed Rich : 56E0011C-6EAA-4B95-AB68-000203F3195F • 53 More not shown!

  22. Automatically Along with the OAuth response there may be one or more UUIDs returned that relate to the account being used. These take the form of <object name> + RefId and can be used to greatly reduce the number of interactions required to make requests. ExampleSnippetfromResponse “xStaffRefId” : “813C565F-366F-4E03-8598-00424085D17A”

  23. Service Paths • Scope data to: • A school • A local educational authority (LEA) • A staff member • A student • A contact • A course • A section

  24. Service Path Java Code // Service Path List<XStudentType> students; students =newArrayList<>(); if(null!=ricOne){ // So we get five students at a time until we have all the related. int max =ricOne.sifXpress.GetLastPage(5,SifXpress.ServicePath.GetXStudentsByXStaff,refId); for(int i =1; i <= max; i++){ students.addAll(ricOne.sifXpress.GetXStudentsByXStaff(refId, i,5)); } } if(null!= students){ System.out.println("Related students:"); for(XStudentType student : students){ // So we show all the student. XPersonNameTypename=student.getName(); System.out.print(name.getGivenName()); System.out.print(" "); System.out.print(name.getFamilyName()); System.out.print(" : "); System.out.println(student.getRefId()); } }

  25. Combining What we Have Learned

  26. A Cloud Resource for a Course User Scenario 1: Provisioning Educational Systems Jack sells online learning for “Earth Sci 9H”, a popular online earth science curriculum. Planet School District purchased Jack’s curriculum only for its students who are taking earth science and the teacher teaching it. The school’s online learning platform uses SIF xPress to securely connect the district and its content publishers. “Earth Sci 9H” has been given SIF xPress Roster credentials to the district’s data. Jack wants to make sure that only teachers and students actually taking earth science will be set up with “Earth Sci 9H” accounts.

  27. Authenticating Your Users • Get them • Find there ids • /xStaffs​/xStaff​/loginId • ​/xStudents​/xStudent​/loginId • SSO away

  28. Conclusions

  29. Questions

  30. Other APIs • SRE • Grade Book • Attendance • Assessment

More Related