Actually I think its probably related to the fact that the OAuth implementation that comes with Shindig ends up using TestSecurityTokenCodec.java. This is a default implementation SecurityToken but has static URL values for the gadget in the security token, not the actual URL for the gadget. The OAuth code tries to actually fetch the gadget XML based on the URL in this class and it fails because the URL in this class does not exist. If you put the correct URLs for your gadget in this class it should work. In a production environment you obviously want to use a different implementation of SecurityToken.
-Ryan Email: [email protected] Phone: 978-899-3041 developerWorks Profile From: Evgeny Bogdanov <[email protected]> To: [email protected], Date: 06/30/2011 04:25 PM Subject: Re: OAuth Error with Shindig I might be wrong, but it is probably connected to the fact that you do not give security token with gadget spec url. That is what it says below. I slightly remember something like that, guess this is why I had to add security token in my tutorial. "Something went wrong: Could not fetch gadget spec ==== Original request: GET /m8/feeds/contacts/default/base?alt=json Host: www.google.comX-Shindig-AuthType: oauth X-Forwarded-For: 0:0:0:0:0:0:0:1 X-shindig-dos: on ====" On 30/6/11 18:41, Sumedha Sanjeewa wrote: > I'm not sure about that. I used it because it was given in the above > mentioned thread. > My url is > http://localhost:8080/gadgets/ifr?url=http://dirk.balfanz.googlepages.com/contacts.xml > > And I didn't use a security token. I just did the things in the above > thread. > > > On Thu, Jun 30, 2011 at 7:48 PM, Evgeny Bogdanov<[email protected]>wrote: > >> Are you sure, you want to use RSA_PRIVATE as key_type? >> I have HMAC_SHA1 instead. >> >> What is the url you use to render gadget? >> >> What is the value of security token? >> >> >> On 30.06.11 15:52, Sumedha Sanjeewa wrote: >> >>> It's correct. Here is the entry in my oauth.json >>> >>> "http://dirk.balfanz.**googlepages.com/contacts.xml< http://dirk.balfanz.googlepages.com/contacts.xml>" >>> : { >>> "google" : { >>> "consumer_key" : "weitu.googlepages.com", >>> "consumer_secret" : >>> "**MIICdgIBADANBgkqhkiG9w0BAQEFAA**SCAmAwggJcAgEAAoGBALRiMLAh9iim** >>> ur8VA7qVvdqxevEuUkW4K+**2KdMXmnQbG9Aa7k7eBjK1S+**0LYmVjPKlJGNXHDGuy5Fw/** >>> d7rjVJ0BLB+ubPK8iA/**Tw3hLQgXMRRGRXXCn8ikfuQfjUS1uZ** >>> SatdLB81mydBETlJhI6GH4twrbDJCR**2Bwy/**XWXgqgGRzAgMBAAECgYBYWVtleUzav** >>> kbrPjy0T5FMou8HX9u2AC2ry8vD/**l7cqedtwMPp9k7TubgNFo+** >>> NGvKsl2ynyprOZR1xjQ7WgrgVB+**mmuScOM/5HVceFuGRDhYTCObE+** >>> y1kxRloNYXnx3ei1zbeYLPCHdhxRYW**7T0qcynNmwrn05/** >>> KO2RLjgQNalsQJBANeA3Q4Nugqy4QB**UCEC09SqylT2K9FrrItqL2QKc9v0Zz** >>> O2uwllCbg0dwpVuYPYXYvikNHHg+**aCWF+**VXsb9rpPsCQQDWR9TT4ORdzoj+** >>> NccnqkMsDmzt0EfNaAOwHOmVJ2RVBs**pPcxt5iN4HI7HNeG6U5YsFBb+/** >>> GZbgfBT3kpNGWPTpAkBI+**gFhjfJvRw38n3g/+**UeAkwMI2TJQS4n8+hid0uus3/** >>> zOjDySH3XHCUnocn1xOJAyZODBo47E**+67R4jV1/**gzbAkEAklJaspRPXP877NssM5nAZMU >>> **0/O/NGCZ+**3jPgDUno6WbJn5cqm8MqWhW1xGkImg**Rk+** >>> fkDBquiq4gPiT898jusgQJAd5Zrr6Q**8AO/0isr/**3aa6O6NLQxISLKcPDk2NOccAfS/** >>> xOtfOz4sJYM3+Bs4Io9+**dZGSDCA54Lw03eHTNQghS0A==", >>> "key_type" : "RSA_PRIVATE" >>> } >>> }, >>> >>> On Thu, Jun 30, 2011 at 6:16 PM, Jasha Joachimsthal< >>> [email protected]> wrote: >>> >>> The identifier of your oauth service probably doesn't match, for Google >>>> it's >>>> "google". See the following example: >>>> >>>> "http://www.example.com/**oauthtest.xml< http://www.example.com/oauthtest.xml>" >>>> : { >>>> "google" : { >>>> "consumer_key" : "www.example.com", >>>> "consumer_secret" : "mysecret", >>>> "key_type" : "HMAC-SHA1" >>>> } >>>> } >>>> >>>> Jasha Joachimsthal >>>> >>>> Europe - Amsterdam - Oosteinde 11, 1017 WT Amsterdam - +31(0)20 522 4466 >>>> US - Boston - 1 Broadway, Cambridge, MA 02142 - +1 877 414 4776 (toll >>>> free) >>>> >>>> www.onehippo.com >>>> >>>> >>>> On 30 June 2011 14:42, Sumedha Sanjeewa<[email protected]> wrote: >>>> >>>> Hi Evgeny, >>>>> Ok. Now I'm clear about this. So I should be able to test a oauth >>>>> gadget. >>>>> But I'm unable to test oauth as you said although I had changed the >>>>> oauth.json. When I test a oauth gadget above error comes out. Also I'm >>>>> >>>> not >>>> >>>>> getting to approve oauth. >>>>> Is my oauth.json is not read by shindig, because I got the same error >>>>> >>>> when >>>> >>>>> i used a Gadget Server which was based on shindig and I was able to >>>>> >>>> solve >>>> >>>>> it after adding the OAuth consumer details. >>>>> >>>>> On Thu, Jun 30, 2011 at 3:23 PM, Evgeny Bogdanov< >>>>> >>>> [email protected] >>>> >>>>> wrote: >>>>>> Yes. That's correct. You can only change oauth.json file to test oauth >>>>>> >>>>> in >>>>> shindig. >>>>>> However, if you restart the shindig server, all oauth keys will be lost >>>>>> since they >>>>>> are not saved in DB, which means users will have to again approve oauth >>>>>> >>>>> for >>>>> >>>>>> all >>>>>> oauth gadgets. >>>>>> >>>>>> >>>>>> On 30.06.11 08:25, Sumedha Sanjeewa wrote: >>>>>> >>>>>> Hi, >>>>>>> Thanks for the above. But still i'm not clear about this. According to >>>>>>> >>>>>> the >>>>>> above I should be able to get Shindig work with OAuth using oauth.json >>>>>>> without implementing new class. As I understood these changes are >>>>>>> only necessary if I'm going to use Shindig to a product where oauth >>>>>>> >>>>>> data >>>>> are >>>>>>> stored in DB's. Am I correct or do I need to modify shindig although >>>>>>> >>>>>> using >>>>>> oauth.json which is already in Shindig. >>>>>>> >>>>>>> On Wed, Jun 29, 2011 at 1:55 PM, Evgeny Bogdanov<evgeny.bogdanov@epfl. >>>>>>> >>>>>> ** >>>>>> ch<[email protected]>>**wrote: >>>>>>> To add your implementation to shindig, you can add it into >>>>>>> >>>>>>>> SocialApiGuiceModule.java like this >>>>>>>> >>>>>>>> import org.apache.shindig.social.******opensocial.oauth.**** >>>>>>>> OAuthDataStore; >>>>>>>> import org.apache.shindig.social.******sample.oauth.**** >>>>>>>> SampleOAuthDataStore; >>>>>>>> >>>>>>>> and >>>>>>>> >>>>>>>> bind(OAuthDataStore.class).to(******SampleOAuthDataStore.**class); >>>>>>>> >>>>>>>> Change SampleOAuthDataStore into your own class. >>>>>>>> >>>>>>>> Implement your class according to SampleOAuthDataStore.java >>>>>>>> The sample class uses json-db, if you need a persistent data-store >>>>>>>> >>>>>>> (like >>>>>> mysql, posgres), >>>>>>>> you have to implement it yourself. Do it similarly to >>>>>>>> JsonDbOpensocialService. >>>>>>>> >>>>>>>> Hope it answers your questions >>>>>>>> >>>>>>>> Best >>>>>>>> Evgeny >>>>>>>> >>>>>>>> >>>>>>>> On 29.06.11 05:55, Sumedha Sanjeewa wrote: >>>>>>>> >>>>>>>> Thanks Augustin and Evgeny. >>>>>>>> >>>>>>>>> In the Java version there is a BasicOAuthStore class which >>>>>>>>> >>>>>>>> implements >>>>> the >>>>>>>>> OAuthStore. So can i use that. Also please can you explain me how i >>>>>>>>> should >>>>>>>>> implement this class. (In which package,where to access the class >>>>>>>>> >>>>>>>> etc) >>>>>> On Tue, Jun 28, 2011 at 7:32 PM, Evgeny >>>>>>>> Bogdanov<evgeny.bogdanov@epfl. >>>>> * >>>>> >>>>>> *** >>>>>>>>> ch<[email protected]>>****wrote: >>>>>>>>> >>>>>>>>> Hi >>>>>>>>> >>>>>>>>> attached is an example tutorial I wrote some time ago. It was >>>>>>>>> working >>>>> with >>>>>>>>>> Shindig 2.0. >>>>>>>>>> Did not check newer versions. >>>>>>>>>> >>>>>>>>>> This is more a proof-of-concept that uses oauth.json file. >>>>>>>>>> >>>>>>>>>> If you wish a production ready implementation, you need to >>>>>>>>>> >>>>>>>>> implement >>>>> your >>>>>>>>>> own oAuthDataStore class, >>>>>>>>>> as Agustin wrote. >>>>>>>>>> >>>>>>>>>> Best >>>>>>>>>> Evgeny >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> On 28.06.11 15:40, Agustin Casiva wrote: >>>>>>>>>> >>>>>>>>>> Hi, I don't have experience with the Java version of Shindig. But >>>>>>>>>> >>>>>>>>> in >>>>> PHP >>>>>>>>>> I >>>>>>>>>>> had to implement several class to get shindig working with oauth >>>>>>>>>>> >>>>>>>>>> from >>>>>> gadgets. The most important class was the implementation of >>>>>>>>>>> OAuthDataStore, >>>>>>>>>>> this class handles the Tokens requested to the service provider. >>>>>>>>>>> >>>>>>>>>>> I assume that in the Java version should be the same, maybe you >>>>>>>>>>> >>>>>>>>>> need >>>>> implement some class to make the feature work. >>>>>>>>>>> I will try to check that and I will let you know. >>>>>>>>>>> >>>>>>>>>>> Regards >>>>>>>>>>> >>>>>>>>>>> On Tue, Jun 28, 2011 at 2:16 AM, Sumedha Sanjeewa< >>>>>>>>>>> >>>>>>>>>> [email protected] >>>>> wrote: >>>>>>>>>>> Hi, >>>>>>>>>>> >>>>>>>>>>> Can someone help me >>>>>>>>>>> >>>>>>>>>>>> Thanks in advance >>>>>>>>>>>> >>>>>>>>>>>> On Mon, Jun 27, 2011 at 5:41 PM, Sumedha Sanjeewa< >>>>>>>>>>>> >>>>>>>>>>> [email protected]> >>>>>> wrote: >>>>>>>>>>>> Hi, >>>>>>>>>>>> >>>>>>>>>>>> I'm new to Shindig and I want to try an OAuth gadget with >>>>>>>>>>>> >>>>>>>>>>> Shindig. >>>>> I >>>>> >>>>>> followed the steps mentioned in this thread [1]. I checked out >>>>>>>>>>>> the >>>>> current >>>>>>>>>>>>> source code in the trunk >>>>>>>>>>>> Also I used 'mvn -Prun' to start the Jetty server from the base >>>>>>>>>>>>> directory. >>>>>>>>>>>>> >>>>>>>>>>>>> Normal gadgets works fine but when i try the sample gadget >>>>>>>>>>>> given >>>>>>>>>>>> >>>>>>>>>>> in >>>>>> the >>>>>>>>>>>>> above thread i am getting this error. >>>>>>>>>>>>> >>>>>>>>>>>>> "Something went wrong: Could not fetch gadget spec ==== Original >>>>>>>>>>>>> request: >>>>>>>>>>>>> GET /m8/feeds/contacts/default/********base?alt=json Host: >>>>>>>>>>>>> >>>>>>>>>>>>> www.google.comX-Shindig-********AuthType: oauth >>>>>>>>>>>>> X-Forwarded-For: >>>>>>>>>>>>> >>>>>>>>>>>>> 0:0:0:0:0:0:0:1 >>>>>>>>>>>> X-shindig-dos: on >>>>>>>>>>>> >>>>>>>>>>>> ====" >>>>>>>>>>>> >>>>>>>>>>>> Please can someone help me with this. >>>>>>>>>>>>> [1] >>>>>>>>>>>>> >>>>>>>>>>>>> http://groups.google.com/********group/oauth/browse_thread/**< http://groups.google.com/******group/oauth/browse_thread/**> >>>>>>>>>>>>> < >>>>>>>>>>>>> >>>>>>>>>>>> http://groups.google.com/******group/oauth/browse_thread/**< http://groups.google.com/****group/oauth/browse_thread/**> >>>>>> <h**ttp://groups.google.com/******group/oauth/browse_thread/**< http://groups.google.com/****group/oauth/browse_thread/**> >>>>>>>>>>>>> **< >>>>>>>>>>>>> >>>>>>>>>>>> http://groups.google.com/****group/oauth/browse_thread/**< http://groups.google.com/**group/oauth/browse_thread/**> >>>>>> thread/5dea93b44dbbb628<http:/******/groups.google.com/group/****< http://groups.google.com/group/**> >>>>>>>>>>>> oauth/browse_thread/thread/******5dea93b44dbbb628<http://** >>>>>>>>>>>> groups.google.com/group/oauth/****browse_thread/thread/**< http://groups.google.com/group/oauth/**browse_thread/thread/**> >>>>>>>>>>>> 5dea93b44dbbb628< >>>>>>>>>>>> >>>>>>>>>>> http://groups.google.com/**group/oauth/browse_thread/** >>>> thread/5dea93b44dbbb628< http://groups.google.com/group/oauth/browse_thread/thread/5dea93b44dbbb628 > >>>> >>>>>>>>>>>> Thanks >>>>>>>>>>>> >>>>>>>>>>>> -- >>>>>>>>>>>>> Regards, >>>>>>>>>>>>> Sumedha Kodithuwakku >>>>>>>>>>>>> (SumedhaS) >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> -- >>>>>>>>>>>>> >>>>>>>>>>>>> Regards, >>>>>>>>>>>> Sumedha Kodithuwakku >>>>>>>>>>>> (SumedhaS) >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>> -- >>>>> Regards, >>>>> Sumedha Kodithuwakku >>>>> (SumedhaS) >>>>> >>>>> >>> >
