The Java SDK provides an interface for the Gigya API. The library makes it simple to integrate Gigya services in your Java project. This document is a practical step-by-step guide for programmers who wish to integrate the Gigya service into their Java project. Follow the steps below to get started, and use the Library Reference while implementing.
Please follow these steps to integrate this library in your Java application:
Download the SDK JAR file:
If you are upgrading from a former version, please make sure to read the SDK's Change Log. You can download the binary alone, or a package including sources and JavaDoc from here:
Note: The Java SDK requires JDK1.5 and above. Please note that the GSJavaSDK.jar file is compiled using JDK 1.8 with compatibility for 1.6, but you may use the SDK's source files and compile them in a JDK 1.5 environment.
- Please obtain Gigya's APIKey and Secret key
- Login the User
- Use Gigya's API - Send Requests
- Optional - Incorporate security measures
Obtaining Gigya's API Key and Secret Key
Making API calls requires an API Key and a Secret Key that are obtained from the Dashboard section on the Gigya website. The Secret Key must be kept secret and never transmitted to an untrusted client or over insecure networks. The API Key and the Secret Key are required parameters in each request (further ahead in this document you will find guidance for sending requests).
Logging in the User
To learn more about the login process, see Social Login.
Sending a Request
After you have logged in the user, you may use the GSRequest class to access the user profile and perform various activities. This is implemented using GSRequest's
method. The following code sends a request to set the current user's status to "I feel great":
Step 1: Defining the Request
Create a GSRequest instance:
The parameters of the GSRequest constructor are:
Note: Read above about obtaining both of these keys from Gigya's site.
- method - the Gigya API method to call, including namespace. For example: 'socialize.getUserInfo'. Please refer to the REST API reference for the list of available methods.
Step 2: Adding Parameters
After creating the GSRequest object, use the setParam method to add parameters to the request:
Step 3: Sending the Request
The method returns a GSResponse object, which is handled in the next step.
Step 4: Handling the Response
Use the GSResponse object to check the status of the response, and to receive response data:
The GSResponse object includes data fields. For each request method, the response data fields are different. Please refer to the Gigya REST API reference for the list of response data fields per method.
For example - handling a socialize.getUserInfo response:
The response of 'socialize.getUserInfo' includes a 'user' object.
Optional - Incorporating Security Measures
Signature validation is only necessary and supported when validating the signature of a response that was received on the client side and then passed to the server. Server-to-server calls do not contain the UIDSignature or signatureTimestamp properties in the response.
The Gigya service supports a mechanism to verify the authenticity of the Gigya processes, to prevent fraud. When Gigya sends you information about a user, your server needs to know that it is actually coming from Gigya. For this reason, Gigya attaches a cryptographic signature to the responses that include user information. We highly recommend validating the signature. The SigUtils class is a utility class for generating and validating signatures.
For example, Gigya signs the socialize.getUserInfo method response. The following code validates the signature received with the 'socialize.getUserInfo' method response:
The parameters of the
- UID - the user's unique ID
- signatureTimestamp - The GMT time of the response in UNIX time format (i.e. the number of seconds since Jan. 1st 1970). The method validates that the timestamp is within five minutes of the current time on your server.
- secretKey - The key to verification is your partner's "Secret Key". Your secret key (provided in BASE64 encoding) is located at the bottom of the Dashboard section on Gigya's website (Read more above).
- UIDSignature - the cryptographic signature.
All the parameters, with the exception of the secretKey, should be taken from the 'User' object received with the 'getUserInfo' method response.
The method returns a Boolean value, signifying if the signature is valid or not.
In a similar fashion, when using the 'getFriendsInfo' method, The method response include a collection of 'Friend' objects. Each Friend object will be signed with a cryptographic signature. To verify the signature of a friend object, please use the
Sending Requests over HTTPS
To send requests to the Gigya service using SSL, set the request to use HTTPS:
When creating a GSRequest object, set the useHTTPS Boolean parameter to be true.
Appendix - Publish User Action Example
The following code sample sends a request to publish a user action to the newsfeed stream on all the connected providers that support this feature.
The socialize.publishUserAction method has a complex parameter called userAction, which defines the user action data to be published. To define the userAction parameter create a GSObject object and fill it with data. There are two ways to fill the GSObject with data; you can either use the put method or construct the GSObject with a JSON string, as shown in the two examples below:
Option A - Using GSObject's put Method
Option B - Using a JSON String
To learn more about publishing user actions, see Advanced Sharing.