You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@shindig.apache.org by Justin Wyllie <ju...@hotmail.co.uk> on 2010/08/18 11:41:53 UTC

Do I need my own keys for oAuth in Shindig?

I've read that Shindig has its own keys.
"One nice thing about gadget containers like Orkut or iGoogle supporting OAuth for the gadgets they host is that gadgets don’t need to bring their own consumer key and secret to the table. If they don’t have any, Shindig will just sign the OAuth request with its keys, and send the request on to the service provider that the gadget wants to talk to. "
Is this correct? Or do I need to install my own keys for signing (and OAUTH) to work? When I try to produce a signed request the field oauth_token is empty and my debugging so far indicates that it is failing to find a certificate so I'd assumed that I do need my own.
Thanks
Justin

RE: Do I need my own keys for oAuth in Shindig?

Posted by Justin Wyllie <ju...@hotmail.co.uk>.

Thanks.
I missed this. If anyone is using the PHP version and has the same question the process is the same - but the key name and path goes into container.php. (See the readme file in /certs.).




> Date: Wed, 25 Aug 2010 01:59:30 -0700
> Subject: Re: Do I need my own keys for oAuth in Shindig?
> From: plindner@linkedin.com
> To: dev@shindig.apache.org
> 
> To send outbound makeRequest calls you'll need to generate the keys and
> certificates.
> 
> A warning message like the following is displayed at startup if the keys are
> not configured:
> 
> WARNING: Couldn't load OAuth signing key.  To create a key, run:
>   openssl req -newkey rsa:1024 -days 365 -nodes -x509 -keyout testkey.pem \
>      -out testkey.pem -subj '/CN=mytestkey'
>   openssl pkcs8 -in testkey.pem -out oauthkey.pem -topk8 -nocrypt -outform
> PEM
> 
> Then edit shindig.properties and add these lines:
> shindig.signing.key-file=<path-to-oauthkey.pem>
> shindig.signing.key-name=mykey
> 
> 
> 
> On Wed, Aug 18, 2010 at 2:41 AM, Justin Wyllie
> <ju...@hotmail.co.uk>wrote:
> 
> >
> > I've read that Shindig has its own keys.
> > "One nice thing about gadget containers like Orkut or iGoogle supporting
> > OAuth for the gadgets they host is that gadgets don’t need to bring their
> > own consumer key and secret to the table. If they don’t have any, Shindig
> > will just sign the OAuth request with its keys, and send the request on to
> > the service provider that the gadget wants to talk to. "
> > Is this correct? Or do I need to install my own keys for signing (and
> > OAUTH) to work? When I try to produce a signed request the field oauth_token
> > is empty and my debugging so far indicates that it is failing to find a
> > certificate so I'd assumed that I do need my own.
> > Thanks
> > Justin
> 
> 
> 
> 
> -- 
> Paul Lindner -- plindner@linkedin.com -- linkedin.com/in/plindner

Re: Do I need my own keys for oAuth in Shindig?

Posted by Paul Lindner <pl...@linkedin.com>.

To send outbound makeRequest calls you'll need to generate the keys and
certificates.

A warning message like the following is displayed at startup if the keys are
not configured:

WARNING: Couldn't load OAuth signing key.  To create a key, run:
  openssl req -newkey rsa:1024 -days 365 -nodes -x509 -keyout testkey.pem \
     -out testkey.pem -subj '/CN=mytestkey'
  openssl pkcs8 -in testkey.pem -out oauthkey.pem -topk8 -nocrypt -outform
PEM

Then edit shindig.properties and add these lines:
shindig.signing.key-file=<path-to-oauthkey.pem>
shindig.signing.key-name=mykey



On Wed, Aug 18, 2010 at 2:41 AM, Justin Wyllie
<ju...@hotmail.co.uk>wrote:

>
> I've read that Shindig has its own keys.
> "One nice thing about gadget containers like Orkut or iGoogle supporting
> OAuth for the gadgets they host is that gadgets don’t need to bring their
> own consumer key and secret to the table. If they don’t have any, Shindig
> will just sign the OAuth request with its keys, and send the request on to
> the service provider that the gadget wants to talk to. "
> Is this correct? Or do I need to install my own keys for signing (and
> OAUTH) to work? When I try to produce a signed request the field oauth_token
> is empty and my debugging so far indicates that it is failing to find a
> certificate so I'd assumed that I do need my own.
> Thanks
> Justin




-- 
Paul Lindner -- plindner@linkedin.com -- linkedin.com/in/plindner