We’re starting to look at the scope of the project, the technological challenges and the data requirements involved. Today we had a meeting with Paul Sharples who has been developing a widget server to discuss the possibility of using it in the project.
Authentication
Our discussion brought up a number of issues. A key concern was how to authenticate student users requesting information from within different applications, devices or widgets. One idea that came up was the concept of generating a key per student which would represent the course, modules and module occurrences they are studying but not their identity. This could be provided to the student who could then use it to return information specific to them whilst keeping it separate from their personal identity.
We also discussed whether widgets are the right way to go for all strands of information delivery within the project. In some cases simpler RSS might be sufficient and usable by more platforms.
One of the most interesting ways emerging for how to do this is with Widgets is to use oAuth. There is already some work on this using Google Gadgets, but the general principle is quite simple. Each widget registers with a consumer key, and can launch a window that sends this key to the ID provider; the provider then lets the user log in and grant the widget permission to access APIs. The ID provider then lets the widget collect an access token that it then uses for any API requests.
See: http://www.slideshare.net/leahculver/implementing-oauth/
On Widgets versus RSS: Offer both!
By: Scott Wilson on July 25, 2008
at 9:18 am
Cheers for that Scott. Will check this out.
By: Chris Frost on July 25, 2008
at 9:41 am