CoursePeer


Knowledge Graph API


By using CoursePeer's Knowledge Graph API, you can create applications that interact with our Social Academic and Professional Graph of resources to enhance your application's or website's user experience. The CoursePeer Knowledge Graph API uses OAuth 2.0 for the process of authentication and authorization, and that is to comply with the highest security standards in the industry.

Creating new Applications

The CoursePeer Knowledge Graph Engine uses industry-standard OAuth 2.0 for app authorization to issue REST API calls. When creating an App in the CoursePeer App Library, each App developer needs to provide:

Application Name, Callback (redirect) URL, Developer's Email Address, MiniFrame URL (optional), and Developer's Website (optional)

After reviewing the app, and in the case of approval, CoursePeer will provide the app developer with an Application Key and an Application Secret to use. Note: you can use "test123" for both APP_KEY and APP_SECRET for testing puposes.

App Development (Sample)

CoursePeer supports two modes of applications: iFrame and Independent. The iFrame is rendered within CoursePeer's layout, allowing users to enjoy full CoursePeer features while using the application. The independent mode provides the ability to create a fully separate website or web application that connects to CoursePeer's Knowledge Graph API without the need to keep the user on CoursePeer's layout.

To be able to start developing for CoursePeer rightaway, you should start by downloading the sample PHP or ASP.NET implementations of OAuth 2.0 Clients. You can do so at our Github Public account: https://github.com/hadialaddin/cpgraph.

If you want to test the APIs without any development work, you can do so by using any of the REST Consoles/Clients available as plugins for browsers. Here is a FREE one for Google Chrome: "Simple REST Client" (https://chrome.google.com/webstore/detail/fhjcajmcbmldlhcimfajhfbgofnpcjmb)

Note: When sending POST values, set the "Headers" to "Content-Type: application/x-www-form-urlencoded", and then set the "Data" to "arg1=val1&arg2=val2" (POST aguments).

API Requests

Introduction


When a CoursePeer user requests to install the App, CoursePeer will alert the user to accept and authorize the App. The app developer needs to specify what permissions (Scope) the App requires as this will require access to specific data objects (resources) of the user's social knowledge graph on CoursePeer. The following are the permissions an App developer can request when prompting the user to install the app (note: user either accepts all or refuses all):

  • User's Profile: user_profile
  • User's Enrolled Courses: user_courses
  • User's Questions: user_questions
  • User's Bookmarks: user_bookmarks
  • User's Tips: user_tips
  • User's Life: user_life
  • All of the above: basic

Invitations to use the App can be made using the "Invite" feature available through the App Market of CoursePeer, once the App has been installed by the user.

OAuth 2.0 Process (Client Side)


Note: the following URIs are to be used while coding your standard OAuth 2.0 implementation:

Authorization Server URI: http://graph.coursepeer.com/index.php/oauth/
Access Token Granting URI: http://graph.coursepeer.com/index.php/oauth/access_token
Access Token Verify URI: http://graph.coursepeer.com/index.php/oauth/verify_access_token?access_token=ACCESS_TOKEN
Logout URI: http://graph.coursepeer.com/index.php/oauth/signout?redirect_uri=redirect_uri=REDIRECT_URI

CoursePeer's Knowledge Graph API provides read and write methods to perform various commands on the platform.

In order to use these APIs, the App should get the user's permission. We use the OAuth 2.0 for authentication and authorization. To get more insight on OAuth 2.0 and how it is implemented, you can access: http://oauth.net/2/.

In general, the process can be summarized as granting an ACCESS_TOKEN for the user using the Application. This way, the CoursePeer Platform verifies that the actions performed through the Application (on the developer's server) are infact generated by the user. So, you must include the access token in each of your CoursePeer Knowledge Graph API requests.

To implement the full process, you first need to request your CoursePeer Application APP_KEY and APP_SECRET (contact support@coursepeer.com and provide your REDIRECT_URI). The REDIRECT_URI is a URI to which CoursePeer's Authorization server will redirect the user once the process has finished, passing the CODE. The following is the URL that can be used for this step:

http://graph.coursepeer.com/index.php/oauth/?response_type=code&scope=basic&client_id=APP_KEY&redirect_uri=REDIRECT_URI
CoursePeer requires the user to be logged in before providing the authorization to the App. If the user is not logged in already, the user is prompted to login using CoursePeer’s login dialog.

To test this step, you can try: http://graph.coursepeer.com/index.php/oauth/?response_type=code&scope=basic&client_id=test123&redirect_uri=http://graph.coursepeer.com/index.php/signin/redirect

In this example, we have placed the client (the App) on the same server of CoursePeer, which appears by looking at the redirect_uri segment of the URL. In the normal case, the redirect URL will be pointing to the App’s server. If you don’t have an "email" account on CoursePeer, please sign up for one. We will support Facebook Login for Apps later.
Next, if it is the first time installing the App for the user, they will be requested to either "Approve" or "Deny" the installation. Once approved, the CODE is returned (required to be stored temporarily) and the app will need to aquire an ACCESS_TOKEN from the authorization server. The following URL can be used for that purpose:

http://graph.coursepeer.com/index.php/oauth/access_token?grant_type=authorization_code&client_id=APP_KEY&client_secret=APP_SECRET&redirect_uri=REDIRECT_URI&code=CODE
Once again, CoursePeer’s OAuth 2.0 server will redirect back to the appliction, after setting a session with the ACCESS_TOKEN. The ACCESS_TOKEN is passed as a GET variable as well. The app developer is responsible for storing the returned ACCESS_TOKEN for that session to use it for all future RESTful API requests.

As a continuation to the previous example, the code is returned to the App, and the App makes the ACCESS_TOKEN request. What you will see after page redirect is the ACCESS_TOKEN printed instead. Notice the code appearing in the URL.

Read and Write Requests


The following is the POST URL format of any method call for the CoursePeer APIs:
http://graph.coursepeer.com/index.php/data/METHOD?access_token=ACCESS_TOKEN
METHOD can be any of the methods described in the table below, which are associated with their respective arguments. The METHOD value consists of different URI elements. If the method performed requires action on a specific CoursePeer Knowledge Graph Object (eg. User, Question, Bookmark, Tip, etc.), then the OBJECT_ID should be included, as shown in the methods table below.

For example, if the user "John Doe" has a USER_ID=41553, and the Application requires fetching the user profile of John, http://graph.coursepeer.com/index.php/data/users/41553/profile should be requested.

However, along with the requested POST URL, an ACCESS_TOKEN should be passed as a GET variable (?access_token=…). This token is assigned to the session at the time of authorizing the application after each login. In some cases, additional arguments are needed (eg. when creating a question, you need to pass the title and content of the question being created). In such cases, the arguments are passed as a POST JSON string in the variable arguments.

As shown in the table below, some of the requests are READ while others are WRITE.

The READ requests that are executed on CoursePeer’s resources should fall under one of the following spaces:
  • User Space: This space represents all public resources of the user on CoursePeer
  • App Space: This space represents all public resources of the users of the application
  • Community Space: This space represents all public resources all users of CoursePeer, other than the resources owned by the user issuing the commands.
  • The WRITE and UPLOAD requests that are executed on CoursePeer’s resources should fall under the User Space (which is explained above). Note that, however, whenever you issue a UPLOAD request, your Encoding Type should be "multipart/form-data (i.e. in HTML a form should have the value enctype="multipart/form-data").
Note: CoursePeer’s App Notification Engine doesn’t allow messages to be sent to users outside the App Space. The following table summarizes the currently supported API calls available to CoursePeer App Deveopers.

Note: the following URIs are to be used while coding your standard OAuth 2.0 implementation:

Note: Only arguments in underlined bold are mandatory.

Whenever applicable, /USER_ID can be replaced by /me to represent the logged in user resource.

 

Method

 

 

Request Type

 

 

Description

 

 

Arguments

 

 

API Status

 

/users/me/profile

 

READ

 

Returns profile information including USER_ID

 

 

None

 

 

Online

 

/users/me/files

 

READ

 

Returns all files of the user

 

 

None

 

 

Online

 

/users/me/files

 

UPLOAD (WRITE)

 

Uploads a file to the user's archive (new or overwrite/sync). 'file' is the uploaded file encoded in multipart. If a new file is being uploaded, no need for 'id'. If a file is to be overwritten/synced (uploaded previously), you are required to pass the 'id' value of that file (which is returned when the file was newly uploaded).

 

 

file, id

 

 

Online

 

/users/me/files/FILE_ID/delete

 

WRITE

 

Deletes the file.

 

 

None

 

 

Online

 

/users/USER_ID/notifications/write

 

WRITE

 

Send notification message to the user.

 

 

message

 

Offline

 

/universalnotifications/USER_ID/write

 

WRITE

 

Send App notification message to the App user, with the App as the actor.

 

message, APP_KEY,APP_SECRET

 

Offline

 

/users/me/courses

 

READ

 

Returns all courses' names of the corresponding user.

 

None

 

 

Online

 

/users/me/questions

 

READ

 

Returns all questions for a specific user.

 

None

 

 

Online

 

/questions/QUESTION_ID

 

READ

 

Returns the content of a specific question.

 

 

None

 

 

Online

 

/questions/write

 

WRITE

 

Creates a new question.

 

 

identity, courseid, title, question

 

 

Offline

 

/questions/QUESTION_ID/delete

 

WRITE

 

Deletes the question only if it was posted through the App.

 

 

None

 

 

Offline

 

/users/me/bookmarks

 

READ

 

Returns all bookmarks for a specific user.

 

 

None

 

 

 

Online

 

/bookmarks/BOOKMARK_ID

 

READ

 

Returns the content of a specific bookmark.

 

 

None

 

 

 

Online

 

/bookmarks/write

 

WRITE

 

Creates a new bookmark

 

 

identity, courseid, title, typeid, categoryid, link, description

 

Offline

 

/bookmarks/BOOKMARK_ID/delete

 

WRITE

 

Deletes the bookmark only if it was posted through the App.

 

 

None

 

 

Offline

 

/users/me/tips

 

READ

 

Returns all tips for a specific user.

 

 

None

 

 

 

 

Online

 

/tips/TIP_ID

 

READ

 

Returns the content of a specific tip.

 

 

None

 

 

Online

 

/tips/write

 

WRITE

 

Creates a new tip.

 

 

identity, courseid, title, tip

 

 

Offline

 

/tips/TIP_ID/delete

 

WRITE

 

Deletes the tip only if it was posted through the App.

 

 

None

 

 

Offline

 

/users/me/life

 

READ

 

Returns all life activities for a specific user.

 

 

None

 

 

Online

 

/life/LIFE_ID

 

READ

 

Returns the content of a specific life activity.

 

None

 

 

Online

 

/life/write

 

WRITE

 

Creates a new life activity.

 

 

identity, description, typeid, activityid

 

Offline

 

/life/LIFE_ID/delete

 

WRITE

 

Deletes the life activity only if it was posted through the App.

 

 

None

 

 

Offline