Hi Nuwan, The OAuthStore implementation that ships with Shindig (org.apache.shindig.gadgets.oauth.BasicOAuthStore) uses a JSON based configuration file for storing consumer keys and secrets and an in memory map for storing access tokens (which get wiped out every time you restart the servlet container).
To use Shindig OAuth support in a production environment you'll need to provide your own implementation of the org.apache.shindig.gadgets.oauth.OAuthStore interface -- the BasicOAuthStore serves as a good reference for exactly what your implementation will need to do. You'll also need to provide a mechanism for your gadget developers to register consumer keys and secrets for their gadgets. --Jesse -----Original Message----- From: Nuwan Bandara [mailto:[email protected]] Sent: Thursday, February 18, 2010 1:58 AM To: [email protected] Subject: Clarification on OAuth Gadgets Hi, I am in the process of testing OAuth Gadgets in shindig. I managed to get the sample OAuth gadget (google contacts gadget [1]) working in shindig. how ever if I want to add a gadget which is hosted at *http://foo.com/bar.xml* It seems I need to get a consumer key from google (thinking that the same contact gadget hosted in foo.com) and add that to the *conf/oauth.json*. This is not practical if the shindig is hosted and open for users to host gadgets in it. hence users cannot edit the* oauth.json* file to add the keys and gadget urls. is there a solution for this situation ? [1] http://dirk.balfanz.googlepages.com/contacts.xml<http://www.google.com/url?sa=D&q=http://dirk.balfanz.googlepages.com/contacts.xml&usg=AFQjCNGPvRi7sauro2w3OLkx9MXknHQy4A> Thanks & Regards -- /Nuwan
