2013 Resolutions


It is that time of the year to make resolutions and revisit the old ones.

Last year I wrote down 10 resolutions and looks like I completed only 2.5 resolutions.  That would be an F grade, pretty pathetic.  Looking back, 10 resolutions is too many and it is difficult to accomplish all of them.

Now 2013 has arrived and it is time for me to give another shot at setting new resolutions.

Here are 2013 resolutions

  1. Write a blog every quarter
  2. Give a tech. talk at a big data related conference
  3. Seek promotion
  4. Learn leadership skills
  5. Finish reading the Start-up of  You book
  6. Learn HBase
  7. Run in a half-marathon
Posted in Uncategorized | 1 Comment

2012 Resolutions


2012 is upon us and now is the time to make or declare resolutions. 

Below is a list of resolutions for 2012:

  1. Write 12 blogs – one per month (one down and 11 more to go :) )
  2. Finish the Algorithmic Puzzles book I got over the holiday break
  3. Complete the news4spring application
  4. Be more proactive in participating in conversations
  5. Teach a new course
  6. Seek a promotion
  7. Give a tech talk
  8. Learn MongoDB
  9. Revisit the resolutions every quarter
  10. Continue six-pack journey

The above list should be enough to keep me busy for the entire 2012.

Posted in Uncategorized | Leave a comment

Using Spring Social To Update Status On Facebook, Twiiter and LinkedIn


A few short months back I learned about the new and exciting Spring Social project and now I finally have a chance play with it.  My goal was to integrate Spring Social into my small Spring MVC application called “Project Voting”, which lets users update their Facebook wall, send a tweet to Twitter and send a network update to LinkedIn. I would like use this blog to share what I learned from this small experiment and some personal comments about Spring Social M1 release.

This blog will cover the following topics:

  • OAuth dance overview
  • OAuth dance with Twitter, LinkedIn and Facebook
  • Using Spring Social templates

Spring Social’s main objective is to make it easy for Java applications to integrate with social network platforms, i.e. Facebook, Twitter, LinkedIn, etc.  It uses the same template technique that was used to make it very simple to work with JDBC or REST operations.  The templates I am referring to are FacebookTemplate.java, TwitterTemplate.java, and LinkedInTemplate.java.  Before you can use any of these templates, you need to provide an access token and/or access token secret.  What is an access token you ask?  Well, it all starts with OAuth dance.

OAuth Dance Overview

In a nutshell, OAuth allows you to share your private data reside on Facebook, Twitter, or LinkedIn with another site without having to hand out your user name and password.  OAuth protocol defines a series of steps to acquire an access token and these steps are known as the OAuth dance.  The OAuth dance is kind of like the “Texas Two Step” dance, it consists mainly of three steps (OAuth 1.0), which seem deceptively simple, but require time and dedication to master them.

Here is a short list of resources about OAuth dance:

The OAuth dance consists of three steps and the last step is when the access token is handed out.

  1. Establish request token
  2. Redirect user to authorization server – this is when user will enter his/her user name and password as well as granting authorizations for a website to access his/her data on his/her behalf
  3. Request access token

All major social network platforms implement OAuth protocol (some are on OAuth 1.0 and a few are on OAuth 2.0), which requires them to expose URLs for the above steps.  The beauty about a standard protocol is once you figure out how to work with one of these platforms, working with the next one is just a mattering of using the correct URLs.  OAuth libraries are widely available and there is a good chance you will find more than one  library for your favorite language.

OAuth Dance With Twitter, LinkedIn and Facebook

In my Java Spring powered web application,  I used a Java OAuth library called scribe.  One thing I really like about this library is that it provides examples to demonstrate how the OAuth dance works.  You just plugin the api key and api secret key into the sample code, and you are ready to go.   Another thing I like about scribe is that it has built in support for LinkedIn and Twitter, where the LinkedInApi.java and TwitterApi.java classes contain the appropriate request token and access token URLs.  Before showing the code I would like to mention a couple of important classes in scribe for dealing OAuth dance.  They are ServiceBuilder.java and OAuthService.java.  ServiceBuilder.java uses builder design pattern to build an implementation of OAuthService for a specific OAuth version (currently 1.0) implementation.  OAuthService.java interface defines a set of methods for the retrieval of request and access tokens and for the signing of HTTP requests.

The code below is for a use case where a user clicks on <a href=”liStartOAuth.htm”>Sign In with LinkedIn”</a>,  and this request goes to a Spring MVC  handler, which then initiates the request token process by asking SocialNetworkOAuthManager factory to create an instance of SocialNetworkOAuthManger for LinkedIn.  Once the request token is successfully retrieved from LinkedIn,  this handler returns a URL to LinkedIn OAuth authorization server, which displays a form to require user to enter user name and password, and to authorize access to his/her profile on LinkedIn.  After the authorization step is successful, LinkedIn OAuth server will redirect user to a provided callback URL “liEndOAuth.htm” with OAuth verifier token.  A handler for “liEndOAuth.htm” URL then goes and request  an access token and access token secret using the provided verifier token. That concludes the OAuth dance.

@Controller
@SessionAttributes({ "userLinkedInProfile", "linkedIn" })
public class LinkedInController {
   @RequestMapping(value = "/liStartOAuth.htm", method = RequestMethod.GET)
   public ModelAndView startAuthentication() throws TwitterException {
     SocialNetworkOAuthManager linkedInOAuthMgr =
       SocialNetworkFactory.getLinkedInOAuthManager(
         linkedInApiKeyPair.getApiKey(),
         linkedInApiKeyPair.getApiKeySecret());

     ModelAndView mv = new ModelAndView("redirect:" + linkedInOAuthMgr.getAuthorizationURL());
     mv.addObject("linkedIn", linkedInOAuthMgr);
     return mv;
  }

 @RequestMapping(value = "/liEndOAuth.htm", method = RequestMethod.GET)
 public ModelAndView endAuthentication(
      @RequestParam(value = "oauth_token", required = false) String oauth_token,
      @RequestParam(value = "oauth_verifier") String oauth_verifier,
      @ModelAttribute("linkedIn") SocialNetworkOAuthManager linkedInOAuthMgr) {

      AccessToken accessToken = linkedInOAuthMgr.getOAuthAccessToken(oauth_verifier);

      UserLinkedInProfile userLinkedInProfile = new UserLinkedInProfile();
      userLinkedInProfile.setAccessToken(accessToken.getAccessCode());
      userLinkedInProfile.setAccessTokenSecret(accessToken.getAccessSecretCode());

      ModelAndView mv = new ModelAndView("close");
      mv.addObject("userLinkedInProfile", userLinkedInProfile);
      return mv;
 }
}

The actual work of dealing OAuth dance is in the following classes: SocialNetworkOAuthManager.java, LinkedInOAuthManager.java and SocialNetworkFactory.java.

public class SocialNetworkFactory {
 public static SocialNetworkOAuthManager getLinkedInOAuthManager(String apiKey,
                                            String apiSecretKey) {
    return new LinkedInOAuthManager(apiKey, apiSecretKey);
 }
}

import org.scribe.builder.ServiceBuilder;
import org.scribe.builder.api.LinkedInApi;
import org.scribe.model.Token;
import org.scribe.model.Verifier;
import org.scribe.oauth.OAuthService;

public class LinkedInOAuthManager extends AbstractOAuthManager {
 private static final String AUTHORIZE_URL = "https://api.linkedin.com/uas/oauth/authorize?oauth_token=";

 private OAuthService service;
 private Token requestToken;

 public LinkedInOAuthManager(String apiKey, String apiSecretKey) {
   super(apiKey, apiSecretKey);

   service = new ServiceBuilder()
                 .provider(LinkedInApi.class)
                 .apiKey(getApiKey())
                 .apiSecret(getApiSecretKey())
                 .callback("http://myserver.myapp.com:8080/myapp/liEndOAuth.htm")
                 .build();
 }

 public String getAuthorizationURL() {
   requestToken = service.getRequestToken();
   return AUTHORIZE_URL + requestToken.getToken();
 }

 public AccessToken getOAuthAccessToken(String verifierCode) {
   Verifier verifier = new Verifier(verifierCode);
   Token token = service.getAccessToken(requestToken, verifier);
   AccessToken accessToken = new AccessToken(token.getToken(), token.getSecret());

   return accessToken;
 }
}

As you can see, the scribe library makes it pretty easy to deal with OAuth dance.
Once the access token is available, it is just a matter of providing that to Spring Social
LinkedInTemplate.java. Below is an example of retrieving LinkedIn member profile URL and using TwitterTemplate.java to tweet.

  LinkedInTemplate linkedInTemplate = LinkedInTemplate(apiKey, apiSecret, accessToken, accessTokenSecret);
  linkedInTemplate.getProfileUrl();

  TwitterTemplate twitterTemplate = TwitterTemplate(apiKey, apiSecret, accessToken, accessTokenSecret);
  twitterTemplate.updateStatus("This is amazing!!");

Unfortunately the LinkedInTemplate.java in Spring Social M1 doesn’t have a method to update network status. However it is not difficult to add such functionality yourself or see how that is done in this blog.

The code to implement the OAuth dance with Twitter is nearly identical to the code above so I won’t bore you with that code.  The Spring Social TwitterTemplate.java does have a method to send a tweet, so it is fairly trivial to send tweets.

The OAuth dance with Facebook is a bit different from LinkedIn and Twitter.  I guess because Facebook is now on OAuth 2.0.  There are two ways (that I know of) to get an access token from Facebook.  The first way is very simple, but it requires using Facebook JavaScript SDK and the second way is directly interacting with Facebook OAuth server via RESTful API.  In this blog, I will only go over the details of the first approach, which is based on the documentation at Facebook Developers site.

At a high level, FB JavaScript SDK provides an easy way using custom tag to display FB login/logout button and handles the redirection to their authorization server.  One important thing to know is once the authorization is successfully completed, the access token is saved in a cookie with name as fbs_<your Facebook app id>.  This means the server side of your application can easily get its hand on the access token.  Spring Social comes with a handler method argument resolver (FacebookWebArgumentResolver.java) to extract the access token and user id out of the FB access token cookie for you.

Here is JavaScript code snippet.

<script src="http://connect.facebook.net/en_US/all.js"></script>
<script>
  FB.init({appId: '<your app id>', status: true, cookie: true, xfbml: true});
</script>
<fb:login-button autologoutlink="true" perms="publish_stream" ></fb:login-button>

The “perms” attribute of the <fb:login-button> tag is a very important attribute because there is where you can specify what are the different resources that your application would like to have access to on behalf of users of your application.

The snippet of Java code below shows how to get to the access token and user id using Spring Social custom annotations @FacebookAccessToken and @FacebookUserId.

@RequestMapping(value="/fbUpdateStatus.htm", method = RequestMethod.POST)
public ModelAndView updateStatus(@RequestParam("status") String fbStatus,
                                 @FacebookAccessToken String accessToken,
                                 @FacebookUserId String userId) {
   ModelAndView mv = null;
   try {
     FacebookTemplate facebook = new FacebookTemplate(accessToken);
     facebook.updateStatus(fbStatus);

     mv = ModelAndViewUtil.buildSuccessfulAjaxStatus();
   } catch (Exception e) {
     mv = ModelAndViewUtil.buildFailedAjaxStatus(e.getMessage());
   }

   return mv;
}

NOTE: In order to get @FacebookAccessToken and @FacebookUserId annotations to work correctly, the FacebookWebArgumentResolver.java must be properly configured. There are two ways to do this, but the end goal is the same, which is to set FacebookWebArgumentResolver.java as one of the custom argument resolvers in AnnotationMethodHandlerAdapter.java.  The first way is if you are using the convenient <mvc:annotation-driven> tag, then pass an instance of FacebookWebArgumentResolver.java to AnnotationMethodHandlerAdapter inside a custom BeanPostProcessor.  The second way is don’t use the convenient <mvc:annotation-driven> tag and define both the DefaultAnnotationHandlerMapping bean and AnnotationMethodHandlerAdapter bean manually.  This way you can wire in an instance of FacebookWebArgumentResolver to the property customArgumentResolver of AnnotationMethodHandlerAdapter.

In my application I want to provide a small popup with a text box so a user can quickly send a tweet or send an update to his/her FB wall or send a network update on their LinkedIn member profile.  I stumbled upon qTip library, a tooltip plugin for jQuery framework and really like the functionality this library provides.  It makes it so easy to display a very professional looking tool tip.

This blog is getting long and it has pretty much I wanted to write. I am going to end this blog with an observations about the M1 of Spring Social project.

As a Java developer and a big fan of Spring Framework, I am really happy to see the existence of Spring Social project. However, in its current state, it lacks one important feature that I was expecting and that is to make it dead simple to deal with the OAuth dance.  I am sure this feature is going to be available in future release.

If you have any questions or suggestions, I would love to hear them.

Posted in Social Networking, Spring Framework | 16 Comments

Great Eclipse Tutorial Video


I recently watched a video about Eclipse IDE and I must say it is fairly good.  Scott, the presenter, covered a lot of good stuff in Eclipse that both new and experience Eclipse IDE users may not be aware of.

Here is a list of areas in Eclipse that Scott covered:

  • General Eclipse shortcuts
  • Setting up commonly used Java related settings to improve productivity
  • Useful debugging tips, i.e display Java monitors to detect deadlock

It is often said that good Software Engineers need to constantly keep his or her tool box updated.  In mind opinion, watching this video is one of the ways to keep one’s tool box updated.

Here is the link to that video – http://vimeo.com/11887305

Posted in Eclipse, Uncategorized | Leave a comment

Simulating Network Problem Using iptables Command


In a distributed system where communication between services are happening at all time and at the same time network issues or hiccups occur frequently.  A well designed service consumer should able to handle the network connection or timeout issues in a graceful manner.  This issue is magnified to multiple folds if a service client is time bound and expects responses to come back in milliseconds.  So what are the general guidelines or best practices for dealing with the issues outlined above?

Here is a short list of possible solutions.  One must carefully pick the right solution for one’s specific application needs.

  • Exponential backoff – more info
  • Denied access gate with background pinging thread

Regardless of which solution is chosen, what is a good way to simulate the network issues.  This is where the “iptable” command comes in. “iptable” command is generally used by network administrators to administer the tables of IP packet filter rules.  The rule that is useful for our purpose is “DROP”, which drops the packets on the floor.    To simulate a network connection, we can setup a filter rule for a specific host such that all packets that are supposed to go this host will be dropped on the floor.

In short here is the command to set up such filter rule:

sudo iptables -A OUTPUT -p tcp -d <remote host ip> –dport <remote port> -j DROP

When testing is done, make sure to remove the packet filter rule with the following command:

sudo iptables -D OUTPUT -p tcp -d <remote host ip> –dport <remote port> -j DROP

Now we know how to simulate network connection issue and this should help in testing the connection issue error handling code.

Posted in Distributed Programming, Linux | Tagged , | Leave a comment

Ten Things About Groovy Java Developers Should Know


In recent years, there has been an explosion of new scripting languages on the programming landscape and as a developer one needs to be alert of what they are and their strengths and weaknesses.  I recently started  reading about Groovy and below is a synopsis of what I just learned.

  1. Groovy is designed for Java developers and its foundation is the standard APIs of the Java Platform
  2. Features in Groovy are inspired by languages like Python, Ruby and Smalltalk
  3. Groovy brings advanced features such as closures, dynamic typing and the meta object protocol to Java platform
  4. Groovy is Java’s newest best friend
    • Seamless integration with Java Runtime Environment
    • Groovy syntax is aligned with Java
  5. Every Groovy type is a subtype of java.lang.Object
  6. A Groovy  class is a Java class
  7. XML handling in Groovy is so easy that make Java developers drool
  8. Groovy brings the fun of programming back to Java developers
  9. Groovy classes are compiled into Java bytecodes
  10. Groovy has integration with Ant and Maven and is well supported by major editors like Eclipse, IntelliJ and NetBeans

I am looking forward to dive into the some of Groovy advanced features.

Posted in Groovy, Script Language | Leave a comment

Google App Engine for Java


By now I am sure everyone has heard that Google App Engine has supported Java and this is totally exciting for Java developers including myself.  Not only Java is supported, but one can use JPA to store/retrieve data from Google DataStore.  The current support has pretty much most of what one needs to build a useful Java web based application running on Google App Engine.

The next thing we need is some MVC framework for the presentation tier.  Surprisingly, there is a lot of folks trying to  use Spring MVC and Spring framework.  This seems to make sense because Spring Framework provides both web-tier support and back-send support like JPA integration and transaction management.  Maybe that’s why I haven’t seen many folks using Struts or JSF with Google App Engine.

There is a lot of buzz on google-appengine-java-group forum. Folks are trying out different technologies and exchanging tips and tricks.

As for myself, I ported the JDO Guestbook example to use Spring MVC + JPA and it is working just fine.  Check it out when you get a chance.

From what I have been seeing, the following technologies are working on GAE:

Spring MVC, Tile 2.0.7.

One of the most frustrating things that most folks encountered is that their GAE applications work on their local box and it doesn’t work when running on GAE production.  Most of the time it is related to security issue.  GAE allows a subset of JRE classes and their white list is on their site.

I have an application in mind and I will be busy in the next several weeks developing it.  Stay tune.

Posted in Spring Framework, Uncategorized | Tagged , | Leave a comment