Qt wiki will be updated on October 12th 2023 starting at 11:30 AM (EEST) and the maintenance will last around 2-3 hours. During the maintenance the site will be unavailable.

Qt and Web Services

From Qt Wiki
Revision as of 14:30, 5 March 2016 by JKSH (talk | contribs) (Reverted edits by Kafeg (talk) to last revision by Henri Vikki)
Jump to navigation Jump to search


This page tracks current Web Service trends and the requirements of those in Qt. See also the corresponding task in the Qt bug tracker .

Areas for Improvement

  • OAuth . Needed for logging in to e.g. Twitter, Facebook, Foursquare etc.
  • OAuth comes in two versions:
    • OAuth 1.0a: Authentication / authorization is done in either HTTP headers or URL, no SSL needed, but quite some signing / nonce creating etc. logic. There are two major 3rd party implementations:
      • QOAuth: depends on QCA and QCA's OpenSSL plugin and spins its own event loop to fake synchronous requests (which is bad).
      • kOAuth: I have not looked at that closely.
    • OAuth 2: No signing / hashing etc. required, expects data to be sent over SSL. As far as I can see this can be easily supported on top of Qt.

It seems like OAuth 2 is really taking over (Facebook, Foursquare, Google Data APIs offer it already); sites using OAuth 1.0a: (Twitter, LinkedIn).

  • JSON support . Web Services usually offer their data in either XML or JSON, with JSON having become a lot more popular than XML. JSON can be parsed directly from QML (I think - could somebody confirm?), if parsing within C++ is used, there is a 3rdparty solution called QJson and one written by Girish called qjsonparser

Completed features

  • HTTP DELETE (done for 4.6). Can be used for some web services; however not a hard requirement, usually services allow to fake it or use it via POST.
  • HTTP multipart messages (done for 4.8). Needed for Flickr / Facebook etc. image upload; in general used very often where uploading binary data is involved.

Web Services Matrix

Name Access Method Data format Authentication Additional Requirements Comment
Facebook REST, FQL (Facebook Query Language, their own SQL - style language) XML, JSON OAuth 2.0 for desktop apps HTTP multipart messages (for uploading photos) offers a XML schema at http://api.facebook.com/1.0/facebook.xsd code generation possible, cool! for developing Facebook applications, there is: FBML (their own HTML - style language), XFBML (for using FBML in a normal HTML site), FBJS (their own JavaScript-style language)
there is already a Qt Facebook API called Fantasma at http://wiki.developers.facebook.com/index.php/User:C++ (seems to be quite old, uses QHttp)
Flickr REST, SOAP, XML - RPC XML (SOAP 1.2 / plain / XML - RPC), JSON, PHP - serialized as with facebook, some md5 required and launching a browser window for authorization (similar to OAuth) HTTP multipart messages (for uploading photos)
Twitter REST, ATOM (for some methods) XML (plain / ATOM), JSON OAuth (login via web page); HTTP Basic Auth (only until June 2010) OAuth 1.0a some parts of the API are only available in JSON and ATOM, namely search and trends
Authentication described at http://apiwiki.twitter.com/Sign-in-with-Twitter
MySpace REST XML, JSON OAuth OAuth the API supports OpenSocial API, which is "a common API for social applications"
Google Maps JavaScript no real Web service API, but a JavaScript library to be used within a browser
Google Search Ajax, REST JavaScript (Ajax), JSON (REST) none required REST interface is very limited, see http://googlesystem.blogspot.com/2008/04/google-search-rest-api.html
REST API documented at http://code.google.com/apis/ajaxsearch/documentation/#fonje
Bing Search REST, SOAP+WSDL XML (plain / SOAP) none required
Last.fm REST, XML - RPC, some calls as well RSS and iCal XML (plain / XML-RPC) either Web browser (Web / Desktop apps) or getting username & password from user and send that via md5 to last.fm there is a Qt C++ API called Liblastfm: http://github.com/mxcl/liblastfm/tree/master
Google Data API REST (using Atom Publishing Protocol) XML (Atom), JSON, RSS for installed apps: their own ClientLogin (via HTTPS, but then sending the 2-year-expiry auth key in plaintext!), for web apps: either an AuthSub mechanism (directing the user to a google web page) or OAuth HTTP multipart messages (not a strict requirement, for uploading photos etc.), OAuth
Amazon Cloud Services (EC2, S3 etc.) SOAP+WSDL, REST XML SOAP: WS-Security (http://docs.amazonwebservices.com/AWSEC2/2009-08-15/DeveloperGuide/index.html?using-soap-api.html#using-soap-api-authentication), REST: own security scheme based on SHA1/SHA256 (http://docs.amazonwebservices.com/AWSEC2/2009-08-15/DeveloperGuide/index.html?using-query-api.html#query-authentication , I saw no password there, strangely) SOAP: WS-Security
Ebay API SOAP+WSDL, REST, HTTP GET XML, JSON HTTP multipart messages
Wordpress XMLRPC XML
StudiVZ (German Facebook clone) REST XML, JSON, JavaScript, ATOM+XML OAuth OAuth supports OpenSocial ; currently says "OAuth not supported at the moment", I don't know if they are actually using it or not
LinkedIn REST XML OAuth 1.0a OAuth 1.0a
Windows Messenger Connect JavaScript OAuth WRAP