Pages

Thursday, June 30, 2011

APIs and OAuth

OAuth (or Open Authorization) has become the norm these days. What is it ? In simple terms, it is a protocol that allows developers and third-party applications to use data on a server without giving away the password of the served user.

A little history about OAuth first ! Interestingly, as mentioned on Wikipedia, OAuth sprang from "Twitter OpenID implementation". Soon, this turned into a project in which people from some well known organizations such as Google were involved. Eventually, the draft for OAuth Core 1.0 was released in October 2007 and the protocol was published in April 2010.

So now where is this protocol used ? Pretty much every site that offers developers to access their data use this protocol. As Twitter and Facebook Applications become popular, so does this protocol.

So how does it work ? The basic idea is simple (as is for most great inventions), the developer registers his application with the data provider. The provider then generates a "Consumer key" and a "Consumer Secret key". These two strings need to be a part of the request sent by the application to request any data or authentication. When the user, through the application, tries to access his data, a URL is created which allows the application to be 'authenticated' by the user. Once the user accepts to authorize the application to access the data, a PIN (a string of numbers) is provided. Entering this PIN into the application allows the application to identify itself (along with the Consumer Key) and obtain an "Access Token". This access token (yet again a hashed string), is used by the application with each request. Obviously, this is just the basic idea of the protocol and a lot of numbers and parameters are introduced in order to make it more secure.

So, why is it better ? Or rather I should first answer, what is it better than ? Earlier, most websites like Twitter used "Basic Access Authentication". It required the user to give his username and password to the application for accessing its data. (Yeah, basic authentication was really basic ;-) ).  So, why is OAuth better ? It is better for applications as :-

  • Applications need not maintain the username and password of the user, which is a responsibility of the application (or developer). 
  • If the password is changed, the application would be rendered useless, unless it is reset in the settings.
It is better for the users as :-

  • User is not required to give away his or her password.
  • List of the applications authorized to access the data is available on the website. This allows the user to revoke access, especially to applications which are no longer used.
List of OAuth libraries for various languages can be obtained here.

Monday, June 27, 2011

An introduction to jQuery

This is my first attempt at a technical article, so please bear with me. Comments/feedback on the content and writing style are welcome :)

You've probably heard of JavaScript: the hacky, ugly language that drives most of the cool stuff on the web. I whole-heartedly agree. Hell, the language itself has more inconsistencies than one can imagine. There is no cross-browser standard implementation of JavaScript. Why then is it so popular?

I can't say I have the answer, but there is one crucial JavaScript library, in my opinion, that has contributed to its popularity significantly: jQuery. It is one the few code tools I'd say is "cute" (the others on my list, as of now, are Ruby and Python). Also one of the few things with great documentation.

It's great at manipulating elements on a webpage, and at making cross-browser, pain-free AJAX requests. Let's dive in and see some jQuery code:

$(function() {
  $("input#animator").toggle(function() {
    $('div#foo.bar').slideUp('fast');
    $(this).val('Show');
  }, function() {
    $('div#foo.bar').slideDown('fast');
    $(this).val('Hide');
  });
});


Believe it or not, the highlighted line is all the jQuery code needed to hide the <div> element with id foo and class bar with a quick sliding animation. The first part of that line ('div#foo.bar') is called a selector. jQuery selectors are very similar to CSS selectors. This is one of the many qualities of jQuery: it doesn't force you to learn new, obscure syntax if you're already into web development. The $ is actually the jQuery object (yes, $ is a valid JavaScript identifier); it creates a wrapped set out of DOM elements, which you can then manipulate using the extensive API methods (in this example, the slideUp() method is shown, which accepts 2 arguments: the duration of the animation, and an optional callback). This is the basic idea of jQuery: manipulations on a wrapped set of DOM elements.

There's also another interesting thing in jQuery: plugins. Like this one, developed by me. If you're interested in the code, I've got it on GitHub.

I'll stop here. Anyway the world doesn't need yet another full-fledged jQuery tutorial. This article was just intended to get you interested in jQuery (and get me started writing on this blog). If you want to continue, you could start working your way through the docs, starting here. And you might want to consider learning some JavaScript too. Sad as it is, you can't use jQuery solely. For that purpose, I'd recommend this great book.

UPDATE: Interesting fact on the popularity of JavaScript: It accounts for 19% of all code on GitHub, higher than any other language.

------
If you liked this post, consider following me and Rajat on Twitter.

Tuesday, June 7, 2011

Base conversion in BASH

As programmers, we often encounter numbers written in binary or hexadecimal format. Mostly it is written as the context is made easier. For example, a set of flags is better represented as binary than integer. Here's an example :-
#define IS_TRUE        0b01     // same as 1
#define IS_FALSE       0b00     // same as 0
#define CONFIRM        0b10     // same as 2
#define DOUBTFUL       0b00     // same as 0
This example might not be very common, but this demonstrates the use of binary representation. These flags are useful at binary level to facilitate " bit-level AND " and various other operations.

In such scenarios, it could get confusing as to what the number represents in integers. Many, here, would suggest creating a program in the language of your choice and using it for base conversion. So, here I explain how one can use BASH itself.

BASH allows base conversion very easily. Fire up a terminal and try this :-
echo $((2#1010101))
I assume, I needn't explain $((<operation>)) is necessary for mathematical operations in BASH.  The output of the above command is 85, which is the decimal value of the number  "0b1010101".

So here we have a simple base converter. Interestingly, the base conversion allows to convert from any base to decimal this easily  :

<base>#<number_in_base>

The above is sufficient to convert number given in any base to decimal value. Go ahead, try it out.

Mail in the future

Long time ago, I used a service for online greeting cards and I loved a particular feature; it was the feature to schedule the delivery to a future date. I am not sure if other providers had this feature or not, but they surely didn't make it easy to find; and this made me love this service above all the others. Since then I have wondered how great it would be to able to schedule mails to be delivered in the future. 

Starting from Birthdays and Anniversaries that I couldn't risk forgetting to serious reminders to myself or others, scheduling an email in the future would be a 'desirable' service. Imagine that you are working on a project and would like to personally mail the team each week to request for their progress. Now this would require time, even if you had to send a simple "What's the progress" message each Monday. It would be cumbersome as it would demand you to take out time from the numerous other tasks that you have to do. Won't it be easier, if on one weekend, you fix 4 such mails to be sent in the future on the appropriate dates and set a reminder for yourself to fix more for later (if the project is not over by then). Such a service would save you the effort, while still getting you the response.

Another scenario where such a service seems useful to me is sending the 'last words' of a man to his kin. Very often, certain secrets die with people. Sometimes it is because of the fear or of the want of a better moment, that words just don't come out. In such a scenario, if a person could create a mail to be sent in the future once he/she is dead, to a few chosen recipients. Some wonder, at this point, how could the service know about his/her death ? Well, before the mail is sent (on the specified date by the sender), a confirmation mail could be send to the creator of the mail, giving him some time to react (cancel or reschedule). There are many such possibilities. 

Determined to create such a feature for myself (and use by others), I set out on a domain search. Looking for ideas, I stumbled over 'existing' services that partly fulfill the goals, here are some of them : -
  • FutureMe : This service was the first that I had seen (and brought back my childhood ideas about future mails). In terms of a friend , this is like a 'time-capsule'. 
  • FutureMail : This service fulfills the 'reminder' aspect of my discussion. It allows one to send himself reminders at any particular time in the future.
  • MyLastEmail : This service targets on the final email, mostly in case of death. Although, at the time of writing, the domain seems to have gone dead. 
  • LetterMeLater : This service combines most of the features as it allows you to send messages to both yourself and others at any time in the future. One of the attractive features about this is that you don't need to access  the site to create a new message; using this feature, you can send a mail from your own email client to 'me@lettermelater.com' with a few details on the top, and ZOOP, you have scheduled a mail in the future. 
  • HitMeLater : As the website boasts, this is like creating a 'snooze' button for yourself; more like reminders.
While these kind of services do solve most of the things that I have in mind, some aspects can't be achieved with one service itself. This motivates me to work on one of my own service to cater my own needs (and that could be used by others as well). 

One of the things mentioned here is note-worthy :-
What if your (or the recipients) email address changes ? 
I believe that this is an acceptable risk. Although, I am convinced that the service provider should facilitate change of 'recipient-address' , 'sending date' or even 'cancellation' of a scheduled mail.

What do you think about such a service ? If I start one, what would be 'your' requirements ?
 

Sunday, June 5, 2011

Software projects and 'grep'

It might sound as weird title, especially when I emphasize that by 'software project' I refer to absolutely 'any' project. After a few days of trying to understand the source code of a few projects (including Kate), I have come to realize that it is hard to understand the entire code at once.

Realizing the impossibility of understanding the entire code-base (which could be well over a hundred thousand lines) I started trying other means. The first step was to identify the 'main' file. As I am working with C/C++, this file is easy to identify as it is the one containing the function :-
int main (int argc, char *argv[] ) 
Knowing what I am looking for, this simple command (or a few variations) allow me to spot the file where it all begins :-
grep "int main" * -R 
As should be clear, this would search the source code directory 'recursively' to find me the file with the keywords. At this point, I would like to highlight why it would be easy to maintain a program that called the 'first' function by the name 'main'. Whichever language it is written in, use of this convention can make it easier to maintain. 

Once the main file has been spotted, I proceed to find the functions in almost a similar fashion. This saves me the effort of going through pieces of code that are rarely (or at times never) used. I can follow the 'flow of program' more easily and I know which function lies where. As and when I proceed to understand the functions, I try to make certain notes about the functions, in the form of comments. These notes could be something describing the task of the function, or could point to some other piece of information, or at times hints for improving the function later.

'grep' has proved very useful to me, and although I am not very good with RegEx (regular expressions), I now plan to get hold of them so as to be able to use them to spot what I want in combination with 'egrep'.
 

Saturday, June 4, 2011

Season of KDE (SoK)

Well, this is my first post regarding the Season of KDE 2011. On advice from the mentors, I have decided to put up my progress on the project on this blog. I realize this would be a good exercise, as over the years the single most important thing that I have learnt is that explaining difficult things to others, only makes my own understanding better.

With that selfish motive hidden deep inside, I look forward to an exciting experience writing about my progress. Starting from the difficulties to the work-arounds, I plan to post about it all.

Hope you enjoy reading it as much.  

Friday, June 3, 2011

Definying variable names using macros

This is an interesting piece of information I came across while working on a project. Macros, provided by C, have always been something holding a lot of power. Today, I realized another powerful use of it.

Here is the piece of code that I came across (something similar)
#define SOME_FUNC(l,i) int l##_flag=i;
Now this note is made for future reference. Here the most intriguing (and confusing) was the use of the two hashes '#'. I just guessed that it helps use the 'name' of the variable. For example, if I call it as

SOME_FUNC(debug,3);
Using the rules of macro, this would change to
int debug_flag=3;

Now this is useful. A small test confirmed that this is exactly what was happening. Also, using the '--save-temps' attribute of 'gcc', I confirmed what I thought it was.

This could be very useful for debugging, as in the above example. Also, this could help us create a general function for creating flags to be created later. It is worthwhile to note that it cannot be used in an 'actual function' (that is not in the form of a macro). This is for the reason that when a function is called, the name of the variable is 'lost', and what remains is either the address or the value of the variable. Unlike function calls, macro expansion can allow the use of the name of the variable. The same could be used to make more complex functions (through the macro expansions).

NOTE: The above information is based on my own tests. I couldn't find any information on the net for the same and thought it was worthwhile making note of it.