Thank it's way more clear for me now, I still got a problem, we're using javascript to generate the iframe/iframe url and there is not other solution for us, do you have any idea to generate this token and give it to javascript ?
On Nov 4, 2:47 pm, Chris Chabot <[EMAIL PROTECTED]> wrote: > The token is something that is generated by the container (the social > network site), and is digested by shindig and it contains the: > - owner id > - viewer id > - app id > - module id > - gadget url > - container name > > Javascript has nothing to do with this, except that it passes the binary > encrypted blob along from it's iframe url value (the container put it > there), to the social back-end calls it makes (aka shindig). > > The reason it needs to be encrypted is because it provides the security that > the owner == the actual owner and the viewer == the actual viewer, without > the protection from encryption you could fake your own token and pretend to > be anyone... which is bad :) > > Now the confusion probably comes from the fact that the -static demo > container- uses a fake, plain text, demo token .. in the format of > "owner:viewer:etc:etc". This is just because it's hard to make proper > encrypted tokens in javascript, and because it's kind of nice to be able to > edit it in a demo environment ... however this is *not* at all meant for > anything like a real site / situation and is only there for demo reasons! So > all that plain text token stuff you see in javascript, please just forget > you saw that when your thinking about a real implementation :) > > -- Chris > > On Tue, Nov 4, 2008 at 10:26 AM, nvgigigan <[EMAIL PROTECTED]> wrote: > > > I do implement the all shindig thing in our web site and did test with > > a non encoded secure token (everything was working pretty well) > > except that I cant found the right way to use an encoded secure token > > now. > > I'm using the javascript to create a valid container so I guess it's > > somewhere inside the javascript? > > > I saw in partuza that you're using PHP to generate the container, and > > I understand the code, but I didn't understand in JS > > > Thanks for your help --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Implementing OpenSocial Containers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/opensocial-container?hl=en -~----------~----~----~----~------~----~------~--~---
