On Feb 7, 2008 6:19 PM, Paul Lindner <[EMAIL PROTECTED]> wrote:
> On Thu, Feb 07, 2008 at 06:02:55PM -0800, Kevin Brown wrote:
> > Country & Language are already covered in the spec -- in
> > gadgets.Prefs(unfortunate, but it's there for easier compatibility
> > with existing igoogle
> > gadgets).
>
> Ah, nice, this wasn't available in the older opensocial specs afaik,
> glad to see it's officially supported.
>
> > Why do you want developers to access the auth token? Is there any reason
> why
> > this can't be normalized into the existing security token mechanism?
>
> Part of this is for legacy support, the iLike and Qloud apps are
> hybrid, we supply them with an internal auth token that they can use
> against our backend API servers.
>
> To accomodate that I need to push that data into the views/params
> subsystem. To do that I had to have a way to pass in parameters to
> init() to override the defaults.
>
> here's what we have in our hi5 container code:
>
> var locale = state.locale;
> var lang = locale.substring(0,2);
> var ctry = locale.substring(3);
> var params = { country: ctry, language: lang, Hi5AuthToken:
> state.Hi5AuthToken};
>
> var supportedSurfaces = {"default" : true, "canvas" : true,
> "profile" : false, "preview" : true}
> // inject into views
> gadgets.views.init(supportedSurfaces, params);
Is there any reason why you can't just pass the security token though? If
you implement GadgetSigner to be aware of how to decode your particular
token, you'd have all of this. The format can be exactly the same as
whatever you're using now, only you'd pass it as #st=<whatever> instead of a
view param; ultimately to support OAuth (as discussed in Brian's recent
threads and in SHINDIG-35) you'll want to use this anyway, so why not just
have a single token?
I'm also not really in favor of an approach like this because it makes it
harder for containers to dynamically determine support for specific features
that a container needs. If gadgets are expecting some hi5-specific data, it
would be better to introduce a feature -- perhaps "hi5.auth" or something
along those lines -- that exposes this functionality. This makes it easy to
see immediately that this gadget won't work correctly on other sites, since
they won't support this non-feature.
Lastly, the params are supposed to be the same as those passed to
requestNavigateTo -- so doing this violates the spec. Without introducing a
new feature the most logical place to inject this would probably be as a
user pref (up_Hi5AuthToken perhaps).
>
> > On Feb 7, 2008 5:50 PM, Paul Lindner <[EMAIL PROTECTED]> wrote:
> >
> > > For the hi5 container we want to surface the country, language and our
> > > authtoken parameters to the app developer. The current views.js code
> > > doesn't allow for this via the init() method. Here's a change that
> > > implements that:
> > >
> > > Index: features/views/views.js
> > > ===================================================================
> > > +++ features/views/views.js (working copy)
> > > @@ -28,7 +28,6 @@
> > > *
> > > http://code.google.com/apis/gadgets/docs/reference/gadgets.views.html
> > > */
> > > gadgets.views = function() {
> > > -
> > > /**
> > > * Reference to the current view object.
> > > */
> > > @@ -79,8 +78,9 @@
> > > * TODO: Use unified configuration when it becomes available.
> > > * @param {Map<String, Boolean>} supported The views you
> > > support,
> > > * where keys = name of the view and values = isOnlyVisible
> > > + * @param opt_p extra parameters you want
> > > */
> > > - init : function(supported) {
> > > + init : function(supported, opt_p) {
> > > if (typeof supported["default"] === "undefined") {
> > > throw new Error("default view required!");
> > > }
> > > @@ -98,6 +98,10 @@
> > > params = tmpParams;
> > > }
> > > }
> > > + // Pull in extra params
> > > + for (var i in opt_p) {
> > > + params[i] = opt_p[i];
> > > + }
> > > currentView = supportedViews[urlParams.view] ||
> > > supportedViews["default"];
> > > }
> > > };
> > > @@ -118,4 +122,4 @@
> > >
> > > gadgets.views.ViewType = gadgets.util.makeEnum([
> > > "FULL_PAGE", "DASHBOARD", "POPUP"
> > > -]);
> > > \ No newline at end of file
> > > +]);
> > >
> > >
> > >
> > >
>
> --
> Paul Lindner
> hi5 Architect
> [EMAIL PROTECTED]
>
