You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shindig.apache.org by "Kevin Brown (JIRA)" <ji...@apache.org> on 2008/09/17 21:41:44 UTC
[jira] Commented: (SHINDIG-609) fix oauth url parameters
[ https://issues.apache.org/jira/browse/SHINDIG-609?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12631900#action_12631900 ]
Kevin Brown commented on SHINDIG-609:
-------------------------------------
Yes, these definitely need to be fixed to match the spec. Will we break anything by changing xoauth_signature_publickey to xoauth_public_key? If so, can we just pass both for now without causing other issues?
Adding opensocial_app_url is a no-brainer, and is essential for simplifying the verification process.
> fix oauth url parameters
> ------------------------
>
> Key: SHINDIG-609
> URL: https://issues.apache.org/jira/browse/SHINDIG-609
> Project: Shindig
> Issue Type: Bug
> Components: Common Components (Java)
> Reporter: David Primmer
>
> particularly:
> xoauth_signature_publickey / xoauth_public_key
> and
> opensocial_app_id / xoauth_app_url / opensocial_app_url
> for ref:
> http://groups.google.com/group/opensocial-container/browse_thread/thread/bb5204db2476fbd7
> davep
> On Tue, Sep 16, 2008 at 11:26 PM, Eiji Kitamura <ag...@gmail.com> wrote:
> > Hi,
> >
> >
> > I'm trying to get clearer on OAuth on OpenSocial / Shindig and have a
> > few questions.
> > Sorry if these questions are not appropriate for this list.
> >
> > [1] opensocial_*id
> >
> > According to following document:
> > https://sites.google.com/site/oauthgoog/2leggedoauth/2opensocialrestapi
> >
> > OpenSocial container sends OAuth Consumer Request query with
> > * opensocial_ownerid
> > * opensocial_viewerid
> > * opensocial_appid
> >
> > But when I look at google code gadgets site document:
> > http://code.google.com/apis/gadgets/docs/reference/#gadgets.io
> >
> > It's said to send following query params which names are slightly different:
> > * opensocial_owner_id
> > * opensocial_viewer_id
> > * opensocial_app_id
> >
> > Actual Shindig implementation looks like sending queries same as
> > google code gadgets site explanation:
> > * opensocial_owner_id
> > * opensocial_viewer_id
> > * opensocial_app_id
> >
> > Is the one on oauthgoog just typo or do they have different meaning?
> >
> >
> > [2] xoauth_public_key
> >
> > According to following proposal:
> > http://dirk.balfanz.googlepages.com/oauth_key_rotation.html
> >
> > Public Key Identifier should be specified using "xoauth_public_key".
> > Same on google code gadgets site.
> > But actual implementation in Shindig seems like using
> > "xoauth_signature_publickey".
> >
> > Which is correct or should they be treated differently?
> >
> > [3] xoauth_app_url
> >
> > According to following proposal:
> > http://dirk.balfanz.googlepages.com/oauth_gadget_extension.html
> >
> > App url should be specified using "xoauth_app_url". But it looks like
> > there's "opensocial_app_url" mentioned on google code gadgets site.
> > Shindig is implemented with "opensocial_app_url" too.
> >
> > Which is correct or should they be treated differently?
> >
> >
> > Thanks in advance.
> >
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.