The Dev8D wiki I set up for a recent JISC event uses OAuth to allow people to log in to the wiki using their twitter accounts (or users can register for wiki accounts in the usual way).

As promised in an earlier post, here’s a rough guide to how it was done.

1. Set up MediaWiki

I won’t go into details of how to do this here, but first step should be download and install a recent release of MediaWiki.

For a new wiki, I’d recommend installation of the reCAPTCHA plugin, to prevent automatic account registrations from spam bots.

I’d also prevent anonymous editing/creation of pages on the wiki, by adding the following lines to the bottom of your LocalSettings.php:

# Disable anonymous editing and page creation
$wgGroupPermissions['*']['edit'] = false;
$wgGroupPermissions['*']['create'] = false;

2. Create a new table in the MediaWiki database

Create a table named ‘twitter_users’ in your wiki database, with the following fields:

CREATE TABLE IF NOT EXISTS `twitter_users` (
    `user_id` int(10) unsigned NOT NULL,
    `twitter_id` varchar(255) NOT NULL,
    PRIMARY KEY  (`user_id`),
    UNIQUE KEY `twitter_id` (`twitter_id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

Note: If you’re using a prefix for your wiki database tables, this ‘twitter_users’ table will also need the prefix.

This table maps MediaWiki user accounts to twitter user accounts. It’s used to track whether an account on MediaWiki was created using twitter OAuth or not, and ensures only accounts created from twitter can be authenticated against twitter.

Without this, someone could create a twitter account with the same username as a non-twitter based wiki account (such as an admin account), and gain access.

3. Register a new twitter application

Go to http://twitter.com/oauth_clients, and follow the “Register a new application” link.

Fill in the fields as follows:

• Application Icon: anything you like
• Application Name: anything you like
• Description: anything you like
• Application Website: http://[your wiki base URL]/
• Organization: anything you like
• Website: anything you like
• Application Type: Browser
• Callback URL: http://[your wiki base URL]/oauth/callback.php
• Default Access type: Read-only
• Use Twitter for login: Yes

After submitting the form, you should get a Consumer key, Consumer secret, Request token URL, Access token URL, Authorize URL (make a note of these, or keep the window open somewhere for now).

4. Setup PHP OAuth library

I used the twitteroauth library for this (.tgz download).

This library requires PHP’s cURL library to be installed (package php5-curl on Ubuntu or other Debian-like systems).

Untar and unzip this into your MediaWiki extensions directory, and rename the directory to ‘oauth’:
cd /[wiki root directory]/extensions
wget http://github.com/abraham/twitteroauth/tarball/0.2.0-beta3
tar xzf abraham-twitteroauth-76446fa.tar.gz
mv abraham-twitteroauth-76446fa oauth

Recommended: Some of the code from this library needs to be accessible from a browser, so I’d recommend symlinking to this directory from the wiki root:
cd /[wiki root directory]/
ln -s extensions/oauth
You don’t have to do this, but it looks a bit neater than having URLs containing your wiki extensions directory.

Edit the config file in the oauth directory:
vi /[wiki root directory]/extensions/oauth/config.php
Set the ‘CONSUMER_KEY’ and ‘CONSUMER_SECRET’ to the values you got when you registered your OAuth application with twitter.
Set the ‘OAUTH_CALLBACK’ to ‘http://[your wiki base URL]/oauth/callback.php’.

To test that everything’s worked so far, visit:
http://[your wiki base URL]/oauth/
and click the button to sign in using twitter.

You should then be taken to a page on twitter.com which asks about allowing the application access to your twitter account. Clicking on the ‘Allow’ button should then redirect you back to:
http://[your wiki base URL]/oauth/index.php

Refresh the page, and you should see all the information twitter has passed back to the application.

5. Set up the wiki to use OAuth

Download TwitterAuth.php, and put it into the extensions directory:
cd /[wiki root directory]/extensions
wget http://github.com/davechallis/misc-scripts/raw/master/TwitterAuth.php

Modify your LocalSettings.php, and add the following lines:

require_once("$IP/extensions/TwitterAuth.php");

global $wgHooks;
$wgHooks['UserLoadFromSession'][] = 'twitter_auth';
$wgHooks['UserLogoutComplete'][] = 'twitter_logout';

Once you’ve added this, and signing in using OAuth worked as in the section above, try navigating to any wiki page. You should now be logged with your twitter username.

6. Additional Setup

Two last things need adding before we’re done:

6.1 Add a login button to the login page

Make a copy of the original, and then edit:
/[wiki root directory]/includes/templates/Userlogin.php

After the line which reads:

<p id="userloginlink"><?php $this->html('link') ?></p>

add the following lines:

<?php
$return = '';
if (isset($_GET['returnto'])) {
 $return = "?returnto={$_GET['returnto']}";
}
?>
<p>Or: <a href="http://[wiki base URL]/oauth/redirect.php<?php echo $return;?>">
<img src="/Sign-in-with-Twitter-lighter.png" alt="Sign in with Twitter" /></a></p>

Change the text/image above to anything suitable for your site (twitter has some preferred button images for this).

6.2 Redirect to the correct page after login

Some code needs adding/tweaking so that a user returns to the page they were on after logging in (the code added above for the login button helps with this).

Modify:
/[wiki root directory]/extensions/oauth/callback.php
and change the line near the bottom from:
header('Location: ./index.php');
to:
header('Location: http://[wiki base URL]/index.php/' . $_SESSION['returnto']);

And finally modify:
/[wiki root directory]/extensions/oauth/redirect.php
Underneath the line which reads:
case 200:
add the following:

    if (isset($_GET['returnto'])) {
        $_SESSION['returnto'] = $_GET['returnto'];
    }
    else {
        $_SESSION['returnto'] = '/';
    }

That’s mostly it!  I’ve probably forgotten a few things, and a lot of changes were made at the last minute/during Dev8D, so any fixes/suggestions are welcome.

This is a cute tool to allow you to create and share virtual corkboards. I’m not sure how we could use it, but I’d like to find an excuse.

• http://www.spaaze.com/

Also this week I’ve been using a mindmap to manage my scary todo list. Doing it in a webpage means it’s available via home, work laptop etc.

• http://www.mind42.com/

This isn’t strictly Web Team related, but this is the best place to post it.

So, I got asked to go to a thinktank event as a local blogger, which I guess I am. The event is about globalisation, which is a swear word in some of the circles I move (drink) in. Before agreeing I had to work out if I was comfortable with this, and I cam to the conclusion that my attitude to globalisation is that it’s a tool. Like, say, electricity. I think we can agree that electricity is, on balance, pretty useful (if not, how are you reading this?) However too much in the wrong place is a really Bad Thing.

This event is called FutureStory. This initially gave me the idea that it was going to be about trying to come up with ideas about the future of Southampton. Looking at the PDF files which came out of events in other cities, I was a bit disappointed, as it was all about what local companies and projects were currently doing. My housemate pointed out that what I’d missed was that all of these companies are looking to the future, which should be the launching point of ideas, but they are already established. What happens next? (edit: I’ve just noticed the Southampton FutureStory book is on the table, so they’re *not* writing that today… which means that it *is* the jumping off point. That’s hopeful)

Southampton is not generally very proud of itself, and it is quite cool seeing a bunch of younger people being told that this is somewhere where lots of globally important and interesting stuff happens.

The event is largely about getting young people thinking about the fact that business *is* going to change in the future. Companies which can adapt will survive. Many won’t. Looking to support the UK economy in 5 years from now means getting people learning the skills now.  Jonathon Shaw MP, the regional minister for the South East gave an introduction about the importance of getting people with the right skills, and helping people into smaller business as well as the big business track most people imagine themselves in.

The catch with what he’s saying here, is that how the hell do you train people for the new jobs? Imagine a kid doing their GCSEs this year. If they do a degree then they’ll be graduating around 2015. Twitter only appeared in 2006. Now there’s people who need to know how to use it for part of their job. This GSCE’r may well find in their first job they’ll need to be an expert in something that’s not going to be *invented* until next year. How do they pick which A Levels to take? IMO you can’t, but learning maths, expecially boolean logic won’t hurt. Nor will people skills. The ability to do a boolean search (using and, or and not effectively) is the difference between hours of slog and seconds of thinking to satisfy your curiosity.

I don’t like networking. Not my thing. At the “just introduce yourself to someone for 90 seconds” I manage to randomly end up talking to the ProVC of Solent. Used the opportunity to ask for a suggestion of how to find people at Solent to get involved in “Southampton Developers” . Dammit, I appear to be someone who benefits from networking! At least I’m still not wearing a suit, yet.

The video they showed about Southampton businesses looking to the future stared with lots of shots of the docks and the cargo canisters. In my head the whole thing got overlaid with the theme music from season 2 of the wire but I don’t want to suggest that the similarity goes beyond cranes and containers. And that’s the thing that stuck with me from the bit about the docks. Using containers speeds up the turnaround by a factor of 4. That’s amazing and just requires getting everyone in the world on the same page. It’s like a cube root. It’s really easy to check you got a valid answer, but getting the answer in the first place is really hard. The best ideas (like Open Access to research and Linked government data, or the scientific method) once they are established seem obvious. And many great and *obvious* ideas have not yet been expressed, or at least not reached the tipping point where they become obvious.

Yikes; good core skills (according to the Minister) are reading, writing, adding up and ICT. The three R’s have changed since I was at school. It’s a bit of a shock to hear it expressed. Jonathan Shaw is also talking about government contracts needing to include a requirement to take on apprenticeships and be engaged with bringing skills to the community. Sounds like a good long term idea. The example; a recent government loan to construction companies to get them to start building despite the recession. The loans required them to take on apprentices on the builds.

I was going to ask the panel a difficult question, but that’s become apparent that it’s not appropriate. This is useful for the students here and they want to ask questions about the future. My question was going to be how to ensure we have “firebreaks” in globalisation? There’s a danger of building a super efficient house of cards where one natural disaster can collapse the entire global economy. The global just-in-time economy scares the hell out of me. This article about the collapse of the USSR got me thinking about these things last year. There is a really exciting answer to this which is that globalisation could also mean creating more peer to peer distribution networks so local business delivers locally. Rather than all farms supplying the big supermarkets, I could have a web service more like Amazon, where I order my food and it’s delivered by the most local source. If the economy collapses, we still have the basic means of production, for essential services, in each region. “Food Miles” are going to be an increasingly big deal. As is the miles travelled for any resource. I can imagine services like lulu.com and cafepress operating globally but  with points of production all over the world. When 3D printing gets off the ground, that’ll be interesting too.

In the Q&A phase most of the questions are about how to get the opportunities. Schools have a focus on getting exams passed, not getting their students work experience and other activities. Some schools are great at it. But it sucks if your school doesn’t bother with that. Advice to students; badger your school teachers! Getting the first bit of experience to get the next job is an utter arse for people. Many good people are lost to minimum wage jobs because they can’t get that first rung on the ladder. It puts me in mind of a job advert I saw in 1998 which wanted a java programmer with 5 years of experience. As it was released in 1995 it’s possible a few people at Sun had that much but the rules were changing too quick for the HR department. How do you hire someone for a job where you’re not sure of what the job description will by the time their probation period is over?

The key message for students (it seems to me) is to take the initiative. You have access to google & can use it better than your teachers. If you don’t investigate what’s on offer to create your own future you’ll just falling into something. You might get lucky, but I’ve noticed that people who do their research and leg-work tend to be luckier. Probably just a co-incidence.

A continuation of an earlier post:

Having (vaguely) got to grips with Graphviz last night, I’ve produced a few diagrams which attempt to better visualise the changes in twitter network of dev8D attendees.

In the diagrams below, I’m looking at how the network between 113 dev8D attendees changes over the course of the event (and a few days surrounding it).

Some details on the data I’m looking at:

• The list of 113 was obtained by looking at all people with twitter accounts who signed up for the dev8D wiki
• I’ve ignored all connections which existed before 22nd Feb 2010
• I’m looking at the change in friends (i.e. follows) of each user, ignoring any changes in who they’re followed by
• The changes in network are cumulative, so the very last diagram includes all the changes starting from 22nd Feb 2010
• I’m only looking at new connections made between those 113 dev8d attendees, I’ve ignored new follows to people who aren’t in that list of 113
• Any nodes on the diagrams which are unconnected are fresh signups to the wiki

So what does this mean?

The diagrams themselves show how the network of a small number of dev8D attendees increased amongst themselves over a period of time surrounding dev8D. This alone is good to see, but what’s far more exciting is something that arises when considering how small an area this looks at:

• These diagrams represent only the connections formed between less than half of the 250 attendees
• They represent only the twitter connections formed between those 113 people

What’s exciting is knowing that this is only a small subset of the true amount of networking that took place:

• Face to face meetings
• Email address exchanges
• Connecting to non-dev8D attendees
• Awareness of dev8D and the developer community
• Community built through DevCSI
• Connections on social networks outside of twitter

All these things are hard to measure and quantify, but I’m confident that anyone who attended dev8D can tell you that these things happened non-stop throughout the event.

And finally….the diagrams

The diagrams represent the connections made on a day by day basis, starting on Feb 22nd 2010 to Mar 3rd 2010.

Each image is a thumbnail, I’ve included a link to the full size image of each underneath (which should be zoomable enough to view individual node names).

2010-02-22

2010-02-22.png full size

2010-02-23

2010-02-23.png full size

2010-02-24

2010-02-24.png full size

2010-02-25

2010-02-25.png full size

2010-02-26

2010-02-26.png full size

2010-02-27

2010-02-27.png full size

2010-02-28

2010-02-28.png full size

2010-03-01

2010-03-01.png full size

2010-03-02

2010-03-02.png full size

2010-03-03

2010-03-03.png full size