On Sat, Nov 7, 2009 at 10:57 AM, Roy <[email protected]> wrote: > Having tried all the alternatives, I figured that OAuth is probably > the answer, but I am really struggling to get a toe hold on the > technology. In particular I really can't figure out what the different > roles of the actors are, and eg. is my requirement a 2-legged or 3- > legged one. Do I need to care about SSO/OpenID. All the blueprints I > can find deal with the use case of accessing Gdata APIs, which isn't > quite what I'm after.
Hey Roy - You may want to take this question to the opensocial forums, but here is a start: http://wiki.opensocial.org/index.php?title=Validating_Signed_Requests The appengine OAuth support will help you a bit; you'll be able to validate two-legged OAuth signatures with a simple function call. That will take care of the authentication for you. You still need to think about the authorization part of your application, though. Sample code here: http://code.google.com/p/gaeoauthdemo/ Cheers, Brian --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
