Read-Only Google Documents Integration

Overview

The goal for 2.7 is to provide the ability to include Google content within sites in a read-only fashion. A site maintainer should have the capability to link a Google document into a site's resources. The document should be managed completely by Google, but access to that document should be provided seamlessly to site participants as if the document were stored local to the Sakai instance.

Constraints

  1. Use of OAuth to Approve Google Document Access When a maintainer chooses to add a document she must approve the Sakai's access to her Google documents account. This requires authentication by the user with Google and her approval of an OAuth token which will be stored by Sakai.
  2. Google Limits OAuth Tokens on a Per-User, Per-Application Basis The CLE must use OAuth token efficiently. Google will limit the number of tokens granted to 10 per-user, per-application. Documents linked into Resources by the same user should reuse OAuth tokens when possible.

Use Cases

Maintainer Adds a Google Document from His/Her Google Account

  1. Maintainer Accesses Resources for a Site
  2. Maintainer Selects "Add Google Document" from the Actions Dropdown for a Folder
  3. If no OAuth Access Token Exists for the Maintainer, He/She Validates an OAuth Token Through Google and the Access Token is Stored
  4. The CLE Presents a List of Available Documents Obtained from Google
  5. Maintainer Selects a Document and the Document Type to Export to CLE
  6. New GoogleContentResource is Added to Resources Folder

Site Participant Accesses a Google Document

  1. Participant Accesses Resources for a Site
  2. Participant Selects a GoogleContentResource Appearing as a File in a Resources Folder
  3. CLE Looks for an Existing OAuth Access Token which will Permit Request of the Selected Resource
  4. CLE Requests an Input Stream from Google with the OAuth Access Token and Forwards that Stream to the Participant

Google Document is Removed by Maintainer

  1. Maintainer Accesses Resources for a Site
  2. Maintainer Selects "Delete" from the Actions Dropdown next to a GoogleContentResource
  3. Records of the Google Document are Expunged, Including Reference to the OAuth Access Token for the Maintainer

Design

The primary development for Google Documents integration will be the creation of a ContentHostingHandler which presents Google data to the ContentHostingService, called the GoogleContentHostingHandler. This plugin will generate, and manage ContentEntity objects (GoogleContentEntity and its subclasses GoogleContentResource and GoogleContentCollection) which represent resources maintained by Google. Each GoogleContentResource will contain those identifiers and connection information required to acquire and stream document data from Google to CLE users.
The authority to access a user's documents within Google Documents is obtained by presenting a valid OAuth access token. Such a token is created when the user validates the token through Google's Web applications. In order to manage and track OAuth tokens, an OAuthTokenService will be created. This service will allow retrieval of OAuth tokens which already exist for a user for a particular application. In this way a single Google Document OAuth access token can serve to authorize access to all documents published to the CLE by the same user.