On Mar 27, 9:47 pm, nsheth <[EMAIL PROTECTED]> wrote: > Hello, > > I'm trying to develop both for MySpace and Orkut, and it seems that > the signing code is fairly different in the two cases. I started with > MySpace, here's the signing code I'm using there: > > $secret = 'xxxx'; > $consumer = "http://www.mysite.com/myspace/testoauth";; > if(preg_match('/\?=&/', $_SERVER['REQUEST_URI'])) { > $_GET[''] = '';} > > $sig = from_request()->build_signature( > new OAuthSignatureMethod_HMAC_SHA1(), > new OAuthConsumer( $consumer, $secret), > new OAuthToken(null,null) > ); > if ($sig == $_REQUEST['oauth_signature ']) echo "Validated"; > > Orkut's sample signing code is a bit different. To use the public > key, would I have to do a curl or fopen request to get the following? > "http://sandbox.orkut.com/46/o/"; + > $_REQUEST['xoauth_signature_publickey'] > > Will that first part of the url stay the same? > > Is the reason that we have to get Orkut's public key certificate the > fact that the applications don't have a "secret" key (like on Facebook > or MySpace)? > > Thanks for any tips or insights! Ideally, I'd be able to have the > same signing code for a variety of containers, but it looks like that > may not be possible . . .
Ideally you should save the orkut certificate locally rather than fetching it all the time... In fact the certificate file will not change very often and when it will, there will be plenty warning from orkut/google. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Orkut Developer Forum" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/opensocial-orkut?hl=en -~----------~----~----~----~------~----~------~--~---
