Hi all, I'm creating an opensocial widget. The widget can make SIGNED requests to an arbitrary url. The signing is done by the opensocial container. The result is a request which is enriched with these attributes: * opensocial_owner_id * opensocial_viewer_id * opensocial_app_id * oauth_consumer_key * oauth_token (empty) * xoauth_signature_publickey * oauth_signature_method * oauth_nonce * oauth_timestamp * oauth_signature
I want to verify that that the request is genuine. I this this should be possible with the oauth signature and the public key, but I don't know where I should begin! Can someone please explain how I should verify the signature against the request? It's probably somewhere in the oauth documentation but I couldn't find it between all the other use cases of oauth (i.e. requesting a token and using it). Thanks, Jaap --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
