Hi Arne, Thanks so much for the clarifications on 2-legged vs 3-legged - after deleting my cookies, the 3-legged authentication worked as I had expected for MySpace. Given the information regarding the redirection, making it more elegant is something I'll just push off until later if there's time.
My other question, then, is how to add Orkut into this "portal". I've read in the documentation that Orkut doesn't support 3-legged auth, in which case the users who want to authenticate through the portal and sync multiple profiles from a single interface would have to install an application on every profile which would allow the external site to authenticate through it. And unfortunately, I don't even know the workings of OpenSocial enough to know how to do that. Is there any way around this process (short of enacting the anti- pattern of users punching in their username and passwords on the external site) which would allow the external site to access their profile information on Orkut, without having to install an application beforehand? And if not, how would I go about writing an app that simply allows this sort of access (would it essentially be an "empty" app?)? I apologize again for asking questions that likely have straightforward answers, but I really appreciate your assistance. Shannon On Oct 22, 2:17 pm, Arne Roomann-Kurrik <api.kur...@google.com> wrote: > > + opensocial-api > > bcc:opensocial-and-gadgets-spec > > Hi Shannon, > > > > I'm moving this over to the API discussion list since it doesn't have that > much to do with the spec - if you could respond through > opensocial-api@googlegroups.com > orhttp://groups.google.com/group/opensocial-api/topics, I'd appreciate it! > > > > In response to your question - 3-legged OAuth is built around the redirect > back to the site you're authenticating with, and there's no way to avoid it. > It's not the most convenient experience, but allows users to share their > data with your website while keeping their passwords private. Any design > which requires users to enter their MySpace password into a form on your > website is considered an anti-pattern and should be avoided. You could > potentially attempt the redirect in a popup window in order to make the > experience a bit less jarring for the user (currently the PHP client doesn't > make this that easy, but if you followed up at > opensocial-client-librar...@googlegroups.com someone could help you work > through that process). > > > > With regard to not being able to change the user, what I believe MySpace is > doing in your case is checking for a MySpace cookie and pre-populating your > account information. If you were a user visiting the site and not logged > into MySpace, you should get a full username/login box combination. There > should also be a button or link somewhere to say "I'm not this user" and log > in with other credentials. > > > > As for 2-legged, you would need to have the application associated with the > consumer key/secret installed on the profile of any user whose data you wish > to access. 2-legged is mostly intended for developers who are currently > running a social gadget on a container and wish to access social data for > their application users out of band with a gadget render. In this case, the > application server would already have the user's OpenSocial ID (from a > signed makeRequest) and the user would already have the app installed on > their MySpace profile). > > > > Most of this is covered > inhttp://wiki.opensocial.org/index.php?title=OAuth_Use_Casesif you want more > information. Please follow up if anything is not clear. > > > > ~Arne > > On Thu, Oct 22, 2009 at 10:49 AM, Shannon <mag...@gmail.com> wrote: > > >> Hi all, > > >> I apologize for what is most likely a newbie question, as I'm probably > >> missing something simple, but in several hours of poring over > >> OpenSocial and MySpace and Orkut documentation and running my own > >> tests, I've been unable to answer this question. > > >> I'm designing a website as a personal project that allows arbitrary > >> users to sign into multiple social networking accounts from a single > >> location (not too dissimilar from power.com). Users can create an > >> account on my site, and then one by one add any social networking > >> accounts that the site supports (MySpace, Orkut, Twitter, maybe even > >> Facebook), and view their profile information for all their accounts > >> from the same dashboard. > > >> Unfortunately, I can't seem to figure out how to do this. > >> Specifically, I've run into two problems: > > >> 1) For testing purposes, I have a MySpace consumer key and consumer > >> secret, but whenever I attempt to perform a 3-legged authentication > >> with MySpace, there's no option for logging in as someone else. Plus, > >> it performs an external redirect, which is somewhat undesirable (as a > >> user of this eventual social networking "portal", I'd rather not have > >> to go through that redirection process every time I add a new > >> account). How would I programmatically authenticate an arbitrary user > >> and allow them access to their account information (preferably without > >> the external redirection)? > > >> 2) The 2-legged authentication requires a userId that identifies the > >> arbitrary user whose profile information will be retrieved. However, > >> when I enter my MySpace OpenSocial ID, along with the given consumer > >> key and consumer secret, I am given a 401 Access Denied error. > >> Furthermore, for an arbitrary user who has never used the system > >> before, it seems that they would first need to authenticate with the > >> social network to get their userId...which, it seems, requires the > >> userId in the first place. How can I perform 2-legged authentication > >> while having the userId already? > > >> I've been using the opensocial-php-client package in all my testing. > > >> Any help would be greatly appreciated! Thank you! > > >> Shannon > > >> -- > > >> You received this message because you are subscribed to the Google Groups > >> "OpenSocial and Gadgets Specification Discussion" group. > >> To post to this group, send email to > >> opensocial-and-gadgets-s...@googlegroups.com. > >> To unsubscribe from this group, send email to > >> opensocial-and-gadgets-spec+unsubscr...@googlegroups.com<opensocial-and-gadgets-spec%2bunsubscr...@googlegroups.com> > >> . > >> For more options, visit this group at > >>http://groups.google.com/group/opensocial-and-gadgets-spec?hl=en. -- You received this message because you are subscribed to the Google Groups "OpenSocial Application Development" group. To post to this group, send email to opensocial-...@googlegroups.com. To unsubscribe from this group, send email to opensocial-api+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/opensocial-api?hl=en.
