Walkthrough
This is a description and walkthrough for the connector plugin for the XDI2 server that maps data from Facebook to XDI.
This is a connector plugin for the XDI2 server. It can map personal data from the Facebook Graph API to XDI. This personal data can subsequently be integrated with all features and applications of XDI such as link contracts, $ref relations, cloud cards, etc.
Step 1: The XDI2 Facebook connector plugin comes with a built-in demo application. The first step is to authorize an XDI graph to access a Facebook account. This involves a standard OAuth 2.0 flow (Authorization Code Grant) to obtain an access token, which is then stored in the user's XDI graph for later use.
From the perspective of the Facebook API, the XDI2 Facebook connector plugin is a client app like any other.
Step 2: During the OAuth 2.0 flow, the user is asked to approve the permissions requested by the XDI2 Facebook connector plugin.
Step 3: Assuming the user approves the permissions, the demo application obtains a valid OAuth 2.0 access token.
The OAuth 2.0 access token as well as the Facebook user ID are stored in the XDI graph as follows:
(https://facebook.com/)[=]!1111/$ref/(https://facebook.com/)[=]!588183713
(https://facebook.com/)[=]!588183713<$oauth><$token>&/&/"....."
Note that there is a $ref equivalence link that relates the user's XDI cloud number to the Facebook user ID.
Step 4: From now on, XDI clients can request personal data in a branch of the XDI graph that is mapped to the user's Facebook account.
Example personal data from Facebook:
(https://facebook.com/)[=]!588183713#(user)<#(email)>&/&/"markus@projectdanube.org"
(https://facebook.com/)[=]!588183713#(user)<#(first_name)>&/&/"Markus"
(https://facebook.com/)[=]!588183713#(user)<#(gender)>&/&/"male"
(https://facebook.com/)[=]!588183713#(user)<#(last_name)>&/&/"Sabadello"
Step 5: The Facebook OAuth 2.0 access token may be revoked. At this point it is also deleted from the user's XDI graph.
Step 6: Besides using the built-in demo application that comes with the XDI2 Facebook connector plugin, the Cloud Manager application can also be used to request and revoke Facebook OAuth 2.0 access tokens.
more blabla
Step 7: blabla step 7
more blabla
Step 8: The cloud card viewed by a visitor on the web.
In this case, all attributes are public, i.e. can be viewed without a link contract. If they were private, an XDI Connect flow would be needed to initiate a connection request to the cloud card.
Depending on whether $ref or $rep equivalence links are used in the graph, the fact that personal data on the cloud card comes from Facebook may or may not be visible by an XDI client.
Step 9: The cloud card may also be viewed by the XDI Ninja! browser plugin.
Step 10: Since the XDI Ninja! browser plugin periodically checks cloud cards for updates, a popup window would appear if a Facebook attribute in the cloud card changes.
Source: websequencediagrams-obtaining-facebook-oauth-access-token.txt
This diagram shows what happens when an XDI client makes a request to a part of the user's graph that maps to personal data in a Facebook account. For this to work, the OAuth 2.0 access token is needed, i.e. Sequence 1 must have been completed first.
Source: websequencediagrams-xdi-get-request-handled-by-facebookcontributor.txt
This work is licensed under a Creative Commons Attribution 4.0 International License.
