?

Log in

No account? Create an account
AIM<-->LJ Interface - LiveJournal Client Discussions [entries|archive|friends|userinfo]
LiveJournal Client Discussions

[ userinfo | livejournal userinfo ]
[ archive | journal archive ]

AIM<-->LJ Interface [May. 30th, 2005|03:56 am]
LiveJournal Client Discussions

lj_clients

[repalviglator]
[mood |excitedexcited]

I'm interested in making an AIM interface to LiveJournal. It would most likely be an AIM bot which you would IM posts to. The bot would run on someone's server... mine right now. (eventually LiveJournal's?)

Has anything like this been done before? If so, please let me know.

I'm interested in using PHP, Java, and MySQL. Joscar seems to be a good AIM library for Java. Does anyone know of a good Java - MySQL library? Is JDBC good?

Any suggestions, comments, etc will be appreciated!
linkReply

Comments:
[User Picture]From: kritikal
2005-06-01 07:07 pm (UTC)
Forget java and go python. I already wrote my own python aim client that talks to mysql servers...and I already wrote my own lj client in php...so, i'll gladly help you along.
(Reply) (Thread)
[User Picture]From: repalviglator
2005-06-02 02:21 am (UTC)
Thanks for the offer of help.

I would actually like to learn python. Coding without braces gives me shivers.... in a good way. Any reason to go python over java other than speed and more non-profit-ness? One interesting reason to go Java is that more people have it installed on their system. They would be able to install the bot easier.

Does python has a good OSCAR interface? As good as Joscar? I'm not up for trying to figure out the OSCAR protocal... libraries are good. ;) Reason I need OSCAR: I'm thinking about encorporating away messages. With TOC you can't get away messages without messaging the person.

A live journal php client would be the easy part I think. I'm assuming you used XML-RPC. Or no?


(Reply) (Parent) (Thread)
[User Picture]From: vanbeast
2005-06-01 07:43 pm (UTC)
I started doing something like this in PHP, scrapped it and went to perl, then scrapped it altogether. It kinda got boring :/

I agree with kritikal, Java may not be the best way to go. Sure, it'll work, but you'll have something working faster and easier in another (ie, scripting) language.

One advantage of Perl is that since LJ is written in it, there are piles of existing modules for interacting with the service. There are also at least a few existing AIM modules, and MySQL support, of course. Three little use statements at the top and you've got all the framework you need.

Those things probably exist in other languages too, I just don't know about them.
(Reply) (Thread)
From: mvc
2005-06-01 10:17 pm (UTC)
I used the official MySQL JDBC driver when I was doing some Java MySQL stuff a while back, and didn't have any problems with it. Is there anything in particular that you're looking for?

I don't know if this will be useful to you, but I wrote a general purpose blogging-by-AIM bot in Python a year or two ago, which could certainly talk to LiveJournal through the Blogger API. It's not really documented (it was just a hack I wrote for myself and some friends), and it's not in your language of choice, but you might be able to borrow ideas from it. Anyway, if you're interested, I've put up a page for it.
(Reply) (Thread)
[User Picture]From: repalviglator
2005-06-02 02:38 am (UTC)
Sweet! I just downloaded your code, put in my bot's username and password and nothing really happened. Maybe it doesn't work on... dare I say it.... Windows.

Recently I've been working a lot with PHP, and have found PEAR packages really useful. (about the equivelent of CPAN for perl) If you've ever worked with DB_QueryTool, maybe you know what I'm talking about. That's the kind of thing I'm looking for, but I could certainly program my own version if nesesary.


(Reply) (Parent) (Thread)
From: snej
2005-06-02 02:40 am (UTC)
This doesn't seem like a good idea to me.

First, everyone who used the bot would have to give it their LJ password. This is just a terrible idea for security. AIM traffic is unencrypted and easy to sniff (and is sniffed, believe me) and not a medium to send passwords over. On the other hand, if the password were sent out-of-band (like on an SSL-protected web form when users set up their access to the bot), your server then becomes a big repository of passwords, making it extremely tempting to crackers. How experienced in this stuff are you? Make one subtle quoting mistake in a PHP script, open a security hole, and suddenly the journals of everyone who's used your service are compromised. Do you want your fun project to involve that kind of responsibility?

(Sure, there is no money involved in breaking into LJ accounts. But there is oh-so-much drama on LJ that I'm sure many people would love to do it, just to get back at people or cause trouble.)

Second, writing services that log into AIM is asking for trouble. If your bot becomes popular enough to be noticed by AOL, they will either kick it offline for "breaking into their network", or require license fees. For this reason, LJ/6apart would never touch such a thing.

Third, is this useful? Isn't it re-inventing the wheel? LiveJournal already supports posting by web form, email, SMS, and voice. In what kind of environment do people only have access to AIM, not any of those other media? (And OK, "I'm just doing it for fun" is a fine answer. But a for-fun project shouldn't involve the risk of compromising other people's data.)
(Reply) (Thread)
[User Picture]From: lifftchi
2005-06-02 08:59 am (UTC)
I see this bot as a tool for a single person, who runs it on his own server, with hard-coded name/password. This negates the security and licensing problems.

As to the third issue -- it's not a matter of 'useful.' The aim bot is interesting because it imposes limitations on your posting style. You send a paragraph at a time and can't edit. You've always got a client running. No one expects any sort of sustained narrative. It's a totally different experience. Producing certain effects requires careful negotiation and planning. That makes it worthwhile.
(Reply) (Parent) (Thread)
From: snej
2005-06-02 11:37 am (UTC)
I was responding to repalviglator's idea, which sounds like it's meant to be a service for many people, not just one.

As for intentional limitations: I agree that imposing artificial constraints can spur the creative process (the Surrealists, and Burroughs, did a lot with this.) That's not the sense I got from the original post, however.

Also, don't you get the same limitations from SMS posts without having to install any special software? AIM messages don't limit you to a paragraph — the OSCAR packet limit is about 7kbytes, IIRC, which is about 2 pages of text — and the editing experience is usually better than a web form since it's WYSIWYG. Personally, I always have an email and LJ client running, in addition to AIM, but that may be a generational thing...

But. Again, my objections weren't to the way you run your AIM bot, but to what I saw repalviglator proposing to do.
(Reply) (Parent) (Thread)
[User Picture]From: repalviglator
2005-06-02 01:03 pm (UTC)
SMS posts cost me money... I'm cheap. Plus, they are damn slow to type on a cellphone. But, if I wanted to post from a cell phone, that's probably what I would use.

Sure... it would be nice to be a service to many people, but I don't want responsibility for too many passwords. Maybe if they created a separate account just for this use. Or, maybe if I created one account that anyone could post to, like lifftchi did.

I think there is a smaller limit on characters you can enter in one IM, but of course you can string IMs together to form an entry which is what I want to do. Or, I think direct connect is limitless... not sure though.

So, one method is to create an application that anyone could run (on their own computer) and type in a username and password for both aim (the bot) and lj. (the blog) That way, they would keep that info private.

(Reply) (Parent) (Thread)
From: snej
2005-06-02 03:41 pm (UTC)
Huh, I thought you had cellphones in mind. If you're not posting from a cellphone, why not just use a client app or a web form or email?

I have worked closely with the AIM protocol so I'm fairly confident about the 7k limit (IIRC, the OSCAR packet size is 8k, but there's some overhead for headers and such.) You just can't send messages that large very often or the server will rate-limit you.

"So, one method is to create an application that anyone could run..."

If you're going to install a custom app on your computer anyway, why not make it an honest-to-god LiveJournal client?

Anyway, if you just think it would be Really Cool to type a message into AIM and see it come up on your journal, then go for it. I was just raising concerns about something that might compromise other people's passwords.
(Reply) (Parent) (Thread)
[User Picture]From: gen_witt
2005-06-02 05:23 pm (UTC)
Complete OpenID/Yadis will allow one to safely authenticate in this manner without trusting the runner of the bot.
(Reply) (Parent) (Thread)
[User Picture]From: repalviglator
2005-06-02 06:10 pm (UTC)
OMG... no joke? Tell me how.
(Reply) (Parent) (Thread)
From: snej
2005-06-02 06:13 pm (UTC)
I thought about that when writing my previous reply. Yes, that will work great for web-based apps, where JavaScript can take care of forwarding the paperwork between the servers. But I can't see any way of using OpenID (or Sxip or TypeKey or...) over an AIM message. Or am I missing something? How would you see this working?
(Reply) (Parent) (Thread)
[User Picture]From: gen_witt
2005-06-02 06:35 pm (UTC)
The way I see it is roughly as follows. When you first contact the aim bot, it asks you for your LJ user name, at which point it pairs your AIM sn with your LJ username. The server running the bot, then asks LJ for you OpenID server, using the URL of some informational page of the bot on the same server. You then add that URL to your allowed list.

Then when you post, the server running the bot does the whole OpenID handshake pretending it's a browser.

The big issue which is not really covered, is that I don't think OpenID will be allowed to be used to post top level entries onto LJ. But it's not entierly clear what LJ will expose as a server. I want to ask brad what exactly will be exposed when he comes to my local LUG (next week).

Granted I'm almost certainly missing something because having read the documentation a few times now, I don't see how it really works. But given that one of the things OpenID can do is allow meemes to access your protected and private entries and to have your protected and private entries show up in your RSS/Atom feed, I assume that if posting using an OpenID identitiy is allowed, than what I'm describing can be done.
(Reply) (Parent) (Thread)
[User Picture]From: gen_witt
2005-06-02 06:37 pm (UTC)
err, what LJ will expose as a Client.
(Reply) (Parent) (Thread)
From: snej
2005-06-02 06:44 pm (UTC)
Disclaimer: I understand the basic approach of OpenID etc., and have skimmed the docs, but the current docs are way too vague for me to pore over the details thereof. So I may not have this right.

At some point during that first-contact process, you have to sign into LJ with your password. That means you have to use a web interface to configure the AIM bot (which means this can't all be done over AIM) or you have to send it your password over AIM (which would be very bad.)

Also, I don't think the signed permission given to the bot by LJ would persist very long. As a security measure, usually these things time out pretty quickly. That means you'd have to go through the config process over and over.
(Reply) (Parent) (Thread)
[User Picture]From: gen_witt
2005-06-02 06:52 pm (UTC)
You have to tell your OpenID server that the AIM bot is allowed (seeing as LJ will almost certainly be your server, you'd use the LJ interface, requiring a signon to the Web interface).

The LJ OpenID server already supports perment permision grant. Yes the bot will have to jump through the hoops all the time, but the user will not need to participate in the authentication.
(Reply) (Parent) (Thread)
[User Picture]From: gen_witt
2005-06-02 06:55 pm (UTC)
Also you don't need to configure the AIM bot with a web interface, you can provide a link to the users OpenID authentication page inside the AIM conversation, when it is required.
(Reply) (Parent) (Thread)
[User Picture]From: lifftchi
2005-06-02 08:52 am (UTC)
I wrote one of these. Haven't seen any evidence that others exist. There's a post somewhere on this community announcing mine, but I'm too lazy to look.

Anyway, it's written in perl, on the theory that many wonderful modules exist just waiting to be glued together.

The journal's name is noisetube, and the bot's named 'tacosapien.'
(Reply) (Thread)
[User Picture]From: repalviglator
2005-06-02 01:04 pm (UTC)
I tried posting... it was funny cause I shared the post with someone else. I also downloaded the code, but couldn't get it running because of perl dependencies. Haven't really gotten a handle on that yet. Maybe there's an easier way than how I was doing it.
(Reply) (Parent) (Thread)
[User Picture]From: repalviglator
2005-06-02 06:09 pm (UTC)
hopefully you ment for anyone to post to that blog... cause I think I'm going to play with it some... hehe
(Reply) (Parent) (Thread)
From: bbrewer
2005-06-03 02:03 pm (UTC)
Among other features, the IM smarter proxy supports posting to LJ. Maybe overkill for what you want, but there it is.
(Reply) (Thread)