Julien from the Play framework google group really gave me the missing piece to my original implementation.

I really disliked that I had to pass into each of my action methods a concrete instance of my service factory.

The suggestion I got was to implement my controller as a trait, then create the required controller object by extending my trait, with the concrete implementation trait of my service factory dependency.

The use of my DI is as follows:

1. Constructor injection to pass a concrete repository factory into a concrete service object instance
2. Cake pattern to wire the Service factory with the Repository factory
3. Cake pattern to write the Application controller with the Service factory.

Here is the gist: https://gist.github.com/2151399 (Leave comments here if you have questions or suggestions)

I’m new to the Scala world but I wanted to try and setup how to use the Cake Pattern to wire together dependencies.  The end goal is that I want the code base to allow me to:

1. Write integration tests for my Repository objects against an in-memory database
2. Write unit tests for my Service objects, mocking their Repository dependencies
3. Write unit tests for my Play 2.0 controller action methods with the ability to use mock implementations of the the Service object dependencies.

#3 from the above goals was the most interesting to figure out since in the Play 2.0 framework, controllers are scala Objects (Static class/singletons in other OO languages).

Here is a summary of what I am doing in the following code:

1. Cake pattern (wiring the service factory to the repository factory)
2. Constructor injection (injecting the concrete repository factory into the concrete service objects)
3. Double Dispatch (injecting a concrete service factory into a Play controller action method)

Here is the Gist of how I’ve done it. (Please any feedback on this approach would be appreciated!)

thi3nl0ng asked: Dear Geoff! I'm newbie of OAuth2. I found your project on github. I don't know how desktop app, or mobile app (which non-browser) use OAuth2 using your sample, can you post some sample? thank you very much

Hey!  Sorry about the delay in getting back to you. 

The library I wrote sets up the routines to secure a REST service using OAuth 2. (The client stuff I wrote is crap and only half thought out).

OAuth 2 is setup to follow several authentication flows.

1. Client Credentials Flow - Where a 3rd party application is granted access to act on behalf of itself.  (ie. if you wanted 3rd party applications to have the ability to create new users in your system).
2. Redirect Flow - This is the most common flow and a carry over from OAuth 1.1.  This is where the 3rd party application needs to redirect a browser to your site, for the user to authenticate themselves and grant access to the 3rd party application (exactly how FB apps work for example).
3. Implicit Flow - This is more or less almost identical to the Redirect Flow, except the redirect returns the results in a fragment at the end of the redirect URL.  This allows an insecure client (like javascript running in a browser) to request an access token without revealing the 3rd party’s credentials with the REST service to any prying eyes
4. Resource Owner Username & Password Flow - This is the flow where the 3rd party application takes the user’s username and password and passes it onto the REST service in exchange for an Access Token, which it uses to sign/authorize subsequent requests.
5. Refresh Token Flow - This is how you can take an expired Access Token and and get it refreshed.  This only works if the REST service returns a Refresh Token along with the Access Token

So that is a summary of OAuth from a cloud level.

I’m guessing you are just trying to access a REST service which is secured through OAuth 2 and not trying to add OAuth 2 security to a REST service of your own.

The library I have written on GitHub really deals with the latter (I took a stab at the client, but didn’t have much need for it presently and left it half complete).

To call into a REST service from a Desktop or Mobile App, you are really left with 2 options (depending on what is supported by the REST service you are requesting from).  The Resource Owner Username Password flow or the Redirect Flow (Also the refresh flow would be an option if supported by the REST service and you had gained an Access token).

Either platform, desktop or mobile, would communicate with the REST service in similar fashions.

Redirect Flow Use Case

Actors

App - Desktop application requesting resources from an OAuth 2 secured REST service
Service - The REST service which is secured through OAuth 2 (like graph.facebook.com)
User - The user who is accessing the Service through your App
Website - The website which is providing the RESTful service.  The location the user goes to when using a standard browser (like facebook.com)

1. User starts the App.
2. App request user to log into the service by presenting a browser window and setting the location to the websites authorization endpoint. (Probably an embedded browser window in the application).
3. The website authorizes the user and the user grants access.  The website returns an authorization grant to the redirect url
4. The app captures the redirect and extracts the the authorization code from the redirected url
5. The app uses the authorization code and sends it to the Service’s token endpoint to exchange the access code for an access token
6. The Service validate the access code and returns the access token data in the response body
7. The app extracts the access token from the response.
8. The app uses the access token to sign subsequent requests to the Service

Resource Owner Username and Password Use Case

Actors

App - Desktop application requesting resources from an OAuth 2 secured REST service
Service - The REST service which is secured through OAuth 2 (graph.facebook.com)
User - The user who is accessing the Service through your App
Website - The website which is providing the RESTful service.  The location the user goes to when using a standard browser (like facebook.com)

1. User starts the App.
2. App request user to log into the service by presenting asking for their username and password for the website.
3. The app uses the users username and password and sends it to the Service’s token endpoint to exchange the access code for an access token.
4. The Service validate the username and password and returns the access token data in the response body
5. The app extracts the access token from the response.
6. The app uses the access token to sign subsequent requests to the Service

If you are looking for a REST client to use and you are one windows platform, I’d look into Hammock REST.  I personally haven’t used it, but it looks like it would be pretty easy to modify to sign requests with an OAuth 2 access token.

I am currently working on a Cocoa implementation of a REST client for an IPhone app I’m building.  The code I’m writing is still in the early stages and only supports the Resource Owner Username and Password flow.  Once I get it further along, I’ll be posting it on GitHub.

I hope this helps you out along your way.  I’m sorry but I’ve been buried in projects and don’t have the time to write up a working example as you’ve requested.

As some of you may know, I have been building an IPhone app for hair stylists to help them manage their clients.

Anyway, as a part of this project, I wanted to display a message that would slide down from the top of the window, hang out for a bit, then fade out.

I wanted the code that presents this message view to be as simple (and as few lines/characters of code, Objective-C is sooo verbose!!!) For example:

  MessageController *msg = [ [ MessageController alloc ] initWithMessage:@"Good luck buddy, cannot log in!" ofType:kMessageTypeWarning hideAfterDelay:3 ];
    
  [ msg show ];
  [ msg release ];

As you can see I want to call the show method, then immediately call release.

The results of this call:

Well this took me some figuring out, because I’m still new to cocoa touch and all of its framework goodness.

However, this ended up pretty straight forward, but there was a gotcha I ran up against.  The important bits were:

1. Create a custom init method.
2. In the ‘show’ method, retain yourself!
3. In the routine that removes the subview, release yourself.

1. Create a custom init method

This ended up important and was a gotcha for me.  Initially, I thought using ‘initWithNibName:bundle’ would suffice.  What I found is that my ‘show’ method would be called before all of my outlets were hydrated from the NIB (they were still nil!).

The solution to this was to create my custom init method, and call ‘loadNibNamed:owner:options’.  After that call, all my outlets were hydrated and I was able to use/configure them in my ‘show’ method.

-( id )initWithMessage:( NSString * )message ofType:( MessageType )messageType hideAfterDelay:( NSTimeInterval )delay
{
  self = [ self init ];
  if( self )
  {
    if( ![[ NSBundle mainBundle ] loadNibNamed:@"MessageView" owner:self options:nil ] )
      NSLog( @"Failed to load nib, should use better error handling" ); //todo: fix this
    self.messageType = messageType;
    self.message = message;
    self.delay = delay;
  }
    
  return self;
}

2. In the ‘show’ method, retain yourself!

The important work in this method is to first and foremost to retain yourself, as the caller will most likely calling ‘release’ immediately after calling the ‘show’ method.  After that, I use the remainder of this method to configure my UIView, using my outlets. **Remember, every retain must be balanced with a release!

-( void )show;
{
  [ self retain ]; // retain self;

  lMessage.text = self.message; // set outlet text
    
  if( self.messageType == kMessageTypeWarning )
  {
    lMessage.textColor = [ UIColor whiteColor ]; // set outlet text color
    NSString *path = [ [ NSBundle mainBundle ] pathForResource:@"bg-warning" ofType:@"png" ]; // find the path to the background image for the view
    UIImage *img = [ [ UIImage alloc ] initWithContentsOfFile:path ]; // create my image
    ivBackground.image = [ img stretchableImageWithLeftCapWidth:9 topCapHeight:6 ]; // set it to my image view outlet
    [ img release ]; // release my image
  }
  else
  {
    // removed for clarity, more or less identical to the code above 
  }
 
  UIWindow *window = ( ( ColorClientAppDelegate * )[ UIApplication sharedApplication ].delegate ).window; // get a reference to my window
    
  // create CGRects for the start location and final positions of my view.  
  CGRect offScreen = CGRectMake(0, self.view.frame.size.height *-1, self.view.frame.size.width, self.view.frame.size.height );
  CGRect onScreen = CGRectMake(0, 19, self.view.frame.size.width, self.view.frame.size.height );
    
  self.view.frame = offScreen; // set the initial state of the view offscreen
    
  [ window addSubview:self.view ]; // add the view to the window
  
  // Animate the movement of the view onto the screen.
  [ UIView animateWithDuration:.7 animations:^(void) {
    self.view.frame = onScreen;
  } ];
    
  [ self performSelector:@selector( removeMessageFromWindow ) withObject:nil afterDelay:( self.delay + .7 ) ]; // Call the method that will remove this view from the window, after the delay plus the time it took for our reveal animation to play
}

In the last line of this method, I used delayed execution to execute the ‘removeMessageFromWindow’ selector.  This is the method, which will take care of balancing the ‘[ self retain ]’ call we made earlier. Let’s look at it.

3. In the routine that removes the subview, release yourself.

-( void )removeMessageFromWindow
{
  [ UIView animateWithDuration:.5 animations:^(void) {
    self.view.alpha = 0;
  } ];
    
  [ self performSelector:@selector( performMessageRemoval ) withObject:nil afterDelay:.5 ];
}
-( void )performMessageRemoval
{
  [ self.view removeFromSuperview ];
  [ self release ];
}

I suppose I need a little explanation here, the ‘removeMessageFromWindow’ actually just animates the fade-out of the view.  Again, I use delayed execution to call another method after the fade out animation has enough time to play. The ‘performMessageRemoval’ actually removes the current view from the window and then balances out the retain, with a call to ‘[ self release ]’.

Well, that was it, pretty straight forward stuff I think.

It would be cool, if you can mute a person’s public posts, and only view their limited posts. (Maybe you can and I just haven’t found it yet)

For example I post software related stuff to my public stream, and most of my friends are non-technical. It would be cool if they could mute my public stream and only see messages to my limited streams, as these are more likely the stuff my friends are interested in.

If you want to keep a real life analogy . If I were a public speaker, my friends wouldn’t attend my speeches. Hell, they may not even be interested in what I have to say publicly. But they’d be interested in what I say and do while we hang out. Also the tone between a public speech and a private conversation would be very different.

I have to admit. I am excited.  Bootstrapping a business on you own while working on other projects to “pay the bills” is a hard thing to do.  It make all my efforts seem three times slower to complete than the work that gets done for my paying contracts.

I guess things worth doing are never easy!

It seems like it has taken forever to get around to building the IPhone app for my ColorClient business.  I had to finish building the REST and OAuth2 service to feed the app first.  Anyway, tonight was the first night I got to start working on it.

And here is the fruits of my labor.

Check out the site while it’s in a free beta @ http://www.colorclient.com

I was affected by that problem where I could not save ratings to Facebook through the Flixster IPhone app. Even after their recent update to their app, I still couldn’t post to Facebook. The fix that worked for me was pretty simple. 1. Delete the Flixster from your phone. 2. Re-download the app from the app store. After I did the delete-reinstall I was able to save ratings again

I was trying to figure out how to do this, as I’m reading through a book on IOS development.  I thought adding the images needed to be done through XCode.  I was wrong.

In finder, in the folder that has the settings.bundle that you want to add the images to, right click on the bundle and choose “Show Package Contents”.  In the window that opens, add the files that you want to be apart of your settings bundle. After adding the items through finder, XCode should also update to show the files you just added.

I’m a newb to IOS, and Mac’s in general, and this caused me a few minutes of head scratching, so I thought I’d share the answer.