I didn't understand why OAuth is required.

[Akash Xavier <ak...@gmail.com>]

Hi guys...
I have been reading the Shindig docs and the posts on this mailing list. I
still don't understand why OAuth is being implemented. I know that it's like
OpenID. But what's the purpose of implementation in Shindig.

-- 
Akash Manohar
akashmanohar@gmail.com

Re: I didn't understand why OAuth is required.

[Akash Xavier <ak...@gmail.com>]

Brian
Could you please have a look at this post in the Open Social group?
http://groups.google.com/group/opensocial-container/browse_thread/thread/c7e25403ecf68b6b
I am posting about implementing containers in that topic.

On Jan 27, 2008 8:17 PM, Akash Xavier <ak...@gmail.com> wrote:

> Brian...
>
> I see on facebook that whenever an app that accesses personal data is
> added to your profile. It asks whether u want the app to use your xyz data
> or abc data. Is OAuth implemented to do something like this?
>
>
> On Jan 27, 2008 8:14 PM, Brian Eaton <be...@google.com> wrote:
>
> > On Jan 27, 2008 7:39 PM, Akash Xavier <ak...@gmail.com> wrote:
> > > I have been reading the Shindig docs and the posts on this mailing
> > list. I
> > > still don't understand why OAuth is being implemented. I know that
> > it's like
> > > OpenID. But what's the purpose of implementation in Shindig.
> >
> > It's not really like OpenID at all.  OAuth is for authorization,
> > rather than authentication.  It's about a user giving permission for a
> > gadget to access some of their personal data.
> >
> > You'll be able to use it write gadgets that access a user's calendar
> > or their photos, to pick a couple of examples.
> >
> > Cheers,
> > Brian
> >
>
>
>
> --
> Akash Manohar
> akashmanohar@gmail.com
>



-- 
Akash Manohar
akashmanohar@gmail.com

Re: I didn't understand why OAuth is required.

[Kevin Brown <et...@google.com>]

On Jan 28, 2008 1:19 PM, Brian McCallister <br...@skife.org> wrote:

> On Jan 27, 2008 9:05 PM, Akash Xavier <ak...@gmail.com> wrote:
>
> > Wow....
> > That nice...
> > Brian could you please post on what should be done to get the php
> version
> > upto date with the OpenSocial release (0.7)...
>
>
> Am trying to figure that out, actually. I want to make the PHP backend
> work
> the same as the Java so that the same concepts and javascript apply --
> less
> conceptual space to fight with. I don't have the details down to a list,
> though :-(


In that case, we'd have to have the Java impl. support opensocial-0.7 in the
first place! :)

I think the first step is getting a working, flexible "opensocial-0.7"
feature implemented in the first place. We should start by modifying
opensocial-samplecontainer to hook up to real data sources.

~Kevin

Re: I didn't understand why OAuth is required.

[Brian McCallister <br...@skife.org>]

On Jan 27, 2008 9:05 PM, Akash Xavier <ak...@gmail.com> wrote:

> Wow....
> That nice...
> Brian could you please post on what should be done to get the php version
> upto date with the OpenSocial release (0.7)...


Am trying to figure that out, actually. I want to make the PHP backend work
the same as the Java so that the same concepts and javascript apply -- less
conceptual space to fight with. I don't have the details down to a list,
though :-(

-Brian



>
> Development seems to be really dry and and the package is still primitive.
> Could you please explain what needs to be done in simple words? (because
> the
> to-do list is a bit alien to noobs like me)  :)
> How can I help?
>
> I am a student and have holidays now.  :)
>
> On Jan 27, 2008 8:58 PM, Brian Eaton <be...@google.com> wrote:
>
> > On Jan 27, 2008 8:17 PM, Akash Xavier <ak...@gmail.com> wrote:
> > > I see on facebook that whenever an app that accesses personal data is
> > added
> > > to your profile. It asks whether u want the app to use your xyz data
> or
> > abc
> > > data. Is OAuth implemented to do something like this?
> >
> > Sort of, except that OAuth is really meant for cases where your data
> > is held by a different organization than is running the social
> > network.  For example, if you were writing an app for your own social
> > network and you wanted the app to access a user's google calendar, you
> > would use OAuth to get the user's permission.
> >
> > Cheers,
> > Brian
> >
>
>
>
> --
> Akash Manohar
> akashmanohar@gmail.com
>

Re: I didn't understand why OAuth is required.

[Akash Xavier <ak...@gmail.com>]

Wow....
That nice...
Brian could you please post on what should be done to get the php version
upto date with the OpenSocial release (0.7)...
Development seems to be really dry and and the package is still primitive.
Could you please explain what needs to be done in simple words? (because the
to-do list is a bit alien to noobs like me)  :)
How can I help?

I am a student and have holidays now.  :)

On Jan 27, 2008 8:58 PM, Brian Eaton <be...@google.com> wrote:

> On Jan 27, 2008 8:17 PM, Akash Xavier <ak...@gmail.com> wrote:
> > I see on facebook that whenever an app that accesses personal data is
> added
> > to your profile. It asks whether u want the app to use your xyz data or
> abc
> > data. Is OAuth implemented to do something like this?
>
> Sort of, except that OAuth is really meant for cases where your data
> is held by a different organization than is running the social
> network.  For example, if you were writing an app for your own social
> network and you wanted the app to access a user's google calendar, you
> would use OAuth to get the user's permission.
>
> Cheers,
> Brian
>



-- 
Akash Manohar
akashmanohar@gmail.com

Re: I didn't understand why OAuth is required.

[Brian Eaton <be...@google.com>]

On Jan 27, 2008 8:17 PM, Akash Xavier <ak...@gmail.com> wrote:
> I see on facebook that whenever an app that accesses personal data is added
> to your profile. It asks whether u want the app to use your xyz data or abc
> data. Is OAuth implemented to do something like this?

Sort of, except that OAuth is really meant for cases where your data
is held by a different organization than is running the social
network.  For example, if you were writing an app for your own social
network and you wanted the app to access a user's google calendar, you
would use OAuth to get the user's permission.

Cheers,
Brian

Re: I didn't understand why OAuth is required.

[Akash Xavier <ak...@gmail.com>]

Brian...

I see on facebook that whenever an app that accesses personal data is added
to your profile. It asks whether u want the app to use your xyz data or abc
data. Is OAuth implemented to do something like this?

On Jan 27, 2008 8:14 PM, Brian Eaton <be...@google.com> wrote:

> On Jan 27, 2008 7:39 PM, Akash Xavier <ak...@gmail.com> wrote:
> > I have been reading the Shindig docs and the posts on this mailing list.
> I
> > still don't understand why OAuth is being implemented. I know that it's
> like
> > OpenID. But what's the purpose of implementation in Shindig.
>
> It's not really like OpenID at all.  OAuth is for authorization,
> rather than authentication.  It's about a user giving permission for a
> gadget to access some of their personal data.
>
> You'll be able to use it write gadgets that access a user's calendar
> or their photos, to pick a couple of examples.
>
> Cheers,
> Brian
>



-- 
Akash Manohar
akashmanohar@gmail.com

Re: I didn't understand why OAuth is required.

[Brian Eaton <be...@google.com>]

On Jan 27, 2008 7:39 PM, Akash Xavier <ak...@gmail.com> wrote:
> I have been reading the Shindig docs and the posts on this mailing list. I
> still don't understand why OAuth is being implemented. I know that it's like
> OpenID. But what's the purpose of implementation in Shindig.

It's not really like OpenID at all.  OAuth is for authorization,
rather than authentication.  It's about a user giving permission for a
gadget to access some of their personal data.

You'll be able to use it write gadgets that access a user's calendar
or their photos, to pick a couple of examples.

Cheers,
Brian