Thank you!!! I mean - Argh! But thanks for the information :) Do you know about how much this have a priority?
Cheers, PS On Thu, Dec 18, 2008 at 7:21 PM, Kevin Marks <[email protected]> wrote: > Signed Requests are not yet supported by Google Friend Connect - this is > coming in a future release. > > > On Thu, Dec 18, 2008 at 9:39 AM, Peter Svensson <[email protected]>wrote: > >> John, >> thanks for the idea. That might be good enough security, but consider >> that you're open to bots (or humans) registering themselves with stolen ids. >> I would prefer if Google provided a simple functionality to authenticate >> users, a kind of 'quick path', since it would be so usable, and is asked >> from many different corners. >> >> Cheers, >> PS >> >> >> On Thu, Dec 18, 2008 at 6:08 PM, John Weidner <[email protected]>wrote: >> >>> >>> I just wrote a custom gadget that prompts for a username and >>> password. Then I use makeRequest to send these credentials along >>> with their open social viewerId. On the server side, if the username >>> and password are correct, I store the viewerId in my user database for >>> that user. So now I know the viewerId for these users. But I'm >>> currently doing this without signed authentication. >>> >>> On Dec 15, 7:19 am, psvensson <[email protected]> wrote: >>> > I just want to report back to my server the unique friend connect id >>> > and basic info of the current viewer. How hard can it be? >>> > >>> > I might not have understood how to do this correctly, but here's what >>> > I have done; >>> > >>> > 1. I have made sure that friend connect works on my site canvas, rpc- >>> > html, basic widgets and all that jazz. >>> > 2. I have made a simple custom widget, I call osaccess.xml which gets >>> > pulled in OK (Which I can see in firebug. It's of course proxied by a >>> > google server, but the content that gets in the browser is the same >>> > that I wrote). >>> > 3. From JS inside that custom widget, I make a request back to my >>> > server. It works fine if I use NONE as authorizationtype. >>> > 4. When I switch to SIGNED, I want to utilize that the google proxy >>> > guarantees id, and packs a lot of good info about the user/viewer. >>> > >>> > The code looks like this; >>> > >>> > function foo() >>> > { >>> > ..... >>> > var params = {}; >>> > params[gadgets.io.RequestParameters.CONTENT_TYPE] = >>> > gadgets.io.ContentType.TEXT; >>> > params[gadgets.io.RequestParameters.AUTHORIZATION] = >>> > gadgets.io.AuthorizationType.SIGNED; >>> > params[gadgets.io.RequestParameters.REFRESH_INTERVAL] >>> > = 5; >>> > var url = "http://howtobethechange.appspot.com/ >>> > osaccess/"; >>> > console.log("calling url... '"+url+"'"); >>> > gadgets.io.makeRequest(url, reqcb, params); >>> > }; >>> > >>> > function reqcb(data) >>> > { >>> > console.log("reqcb called...."); >>> > console.dir(data); >>> > } >>> > >>> > The reqcb always reply "404: not found" when I use SIGNED. >>> > >>> > What is it that is not found? >>> > >>> > Where can I read about examples on how to set this up. It seems to be >>> > the absolutely single first, top of mind, thing that any pgroammer >>> > want to do and sort of _the whole point_ of friend connect - to report >>> > back the certified user id of the current viewer to the site hosting >>> > the widgets. >>> > >>> > What am I missing? >>> > >>> > I should point out that I have registered my site athttps:// >>> www.google.com/accounts/ManageDomains, using a x.509 PEM >>> > certificate. It feels like there is a 'magic' url I have to provide >>> > (though I can't find any access from any google proxies or anything >>> > else when running the script). >>> > >>> > Very thankful for any advice. >>> > >>> > Cheers, >>> > PS >>> >>> >> >> >> > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OpenSocial Application Development" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/opensocial-api?hl=en -~----------~----~----~----~------~----~------~--~---
