Hi, I'm trying to configure the 2 legged oAuth authentication. But i can't make it working. Here is what I'm doing :
$ svn co http://svn.apache.org/repos/asf/incubator/shindig/branches/1.0.x-incubating . ... $ cd config $ openssl req -newkey rsa:1024 -days 365 -nodes -x509 -keyout testkey.pem -out testkey.pem -subj '/CN=mytestkey' $ cat testkey.pem -----BEGIN RSA PRIVATE KEY----- MIICXQIBAAKBgQDC6wd9ui41Qe5aNGmzHtbMd2yflttKESoMHHkuhufHR07goDMP VgOuqvMSLmFdRpnC1qZKnN7NKoUMLqjjNvyVe1VswaW5VhR9RNYCGgQ3+QNMwuiH 9PP3f8zUBuevBe48YqJsGcr5U6MX4InYq6kDR+dfMKeBTFTWq7YM1+1g5QIDAQAB AoGAN56zc4gGGYJnzmu4YbmCF7RYVa3Jg3gkZHJXjhRG3VGWy3hLOawUvunfFKgR dnln9PYlW5Mp7KeecZx66uNM7acjaEkZ7Wxlz+96WJhgji3TARMZ+cf7cWJvtrTq SYPGGb9N42SxKOkISobACNATxR8xjvTONnb4LFNqP9nVIr0CQQDsg0XBMLf3OykN yqmbR4y/MltJj63AsRLXlsoGExnbv31SM3Z0y/O1lIw4MYbqa6Ybd7NY0vTPD+QK keXJDo4nAkEA0vpn/Z7YhIunBDZ6o7WOfLndZAFMZjW0n6dwDAO1WNchARRJe3u1 MPcvLGVpgQCfZugiI63mlqrmc6h7RbkMEwJAY5UaJ6+lpdko/f+YziKgJljDiwON +xYTguaghVJBjv7fe17jv2WoZYn4SCjCT62nsOUDhKC+Jvjf4XtwrukL/QJBALGt s1Bzq1MNLa4tl2Ex8Pr3qQykz0uw5Roj8AgeQ2a7Xo9DH5OAHptLQQ45pf2/oX8P 9lhoBy9SZFx5Qr/4VMMCQQDdGpJr42APGX6jKyKCJTzZvNLpnybLm2TZDeBP7DO7 oXMJT86I+9XR47Q5y72hGTbyVbNcEM2D6mBkSPXFHLPF -----END RSA PRIVATE KEY----- -----BEGIN CERTIFICATE----- MIICGzCCAYSgAwIBAgIJAMG+lqUlw9emMA0GCSqGSIb3DQEBBQUAMBQxEjAQBgNV BAMTCW15dGVzdGtleTAeFw0wOTAxMTYwMzU1NThaFw0xMDAxMTYwMzU1NThaMBQx EjAQBgNVBAMTCW15dGVzdGtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA wusHfbouNUHuWjRpsx7WzHdsn5bbShEqDBx5Lobnx0dO4KAzD1YDrqrzEi5hXUaZ wtamSpzezSqFDC6o4zb8lXtVbMGluVYUfUTWAhoEN/kDTMLoh/Tz93/M1AbnrwXu PGKibBnK+VOjF+CJ2KupA0fnXzCngUxU1qu2DNftYOUCAwEAAaN1MHMwHQYDVR0O BBYEFFzAzSCi+Y9sVZNsbVpev2FIvSADMEQGA1UdIwQ9MDuAFFzAzSCi+Y9sVZNs bVpev2FIvSADoRikFjAUMRIwEAYDVQQDEwlteXRlc3RrZXmCCQDBvpalJcPXpjAM BgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBALuqhYv6Dk7CMe1vdXk+J2MW ULg9QQsuXbsc3dYjv3uedJ8psLQ+n0RjYihbSk+459tBpM/afZaSw/m25HgYajWP Pgrjg7x81CXzj5GVxln8+Z0CclCUeQQlMrNJfefaAhZcyu2BmTqzS0ai3Fl3O3GV 6LUp2qqOYvS0Tn9gAPPg -----END CERTIFICATE----- $ openssl pkcs8 -in testkey.pem -out oauthkey.pem -topk8 -nocrypt -outform PEM $ cat oauthkey.pem -----BEGIN PRIVATE KEY----- MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMLrB326LjVB7lo0 abMe1sx3bJ+W20oRKgwceS6G58dHTuCgMw9WA66q8xIuYV1GmcLWpkqc3s0qhQwu qOM2/JV7VWzBpblWFH1E1gIaBDf5A0zC6If08/d/zNQG568F7jxiomwZyvlToxfg idirqQNH518wp4FMVNartgzX7WDlAgMBAAECgYA3nrNziAYZgmfOa7hhuYIXtFhV rcmDeCRkcleOFEbdUZbLeEs5rBS+6d8UqBF2eWf09iVbkynsp55xnHrq40ztpyNo SRntbGXP73pYmGCOLdMBExn5x/txYm+2tOpJg8YZv03jZLEo6QhKhsAI0BPFHzGO 9M42dvgsU2o/2dUivQJBAOyDRcEwt/c7KQ3KqZtHjL8yW0mPrcCxEteWygYTGdu/ fVIzdnTL87WUjDgxhuprpht3s1jS9M8P5AqR5ckOjicCQQDS+mf9ntiEi6cENnqj tY58ud1kAUxmNbSfp3AMA7VY1yEBFEl7e7Uw9y8sZWmBAJ9m6CIjreaWquZzqHtF uQwTAkBjlRonr6Wl2Sj9/5jOIqAmWMOLA437FhOC5qCFUkGO/t97XuO/ZahlifhI KMJPraew5QOEoL4m+N/he3Cu6Qv9AkEAsa2zUHOrUw0tri2XYTHw+vepDKTPS7Dl GiPwCB5DZrtej0Mfk4Aem0tBDjml/b+hfw/2WGgHL1JkXHlCv/hUwwJBAN0akmvj YA8ZfqMrIoIlPNm80umfJsubZNkN4E/sM7uhcwlPzoj71dHjtDnLvaEZNvJVs1wQ zYPqYGRI9cUcs8U= -----END PRIVATE KEY----- $ After this, I edit the file java/common/conf/shindig.properties and change : shindig.signing.key-name= shindig.signing.key-file= to : shindig.signing.key-name=mytestkey shindig.signing.key-file=/Path/To/Shindig/config/oauthkey.pem $ mvn clean install $ mvn -Prun to test it, I used the code available there : http://wiki.opensocial.org/index.php?title=Validating_Signed_Requests#Java I replaced the static CERTIFICATE with my certificate generated previously: private final static String CERTIFICATE = "-----BEGIN CERTIFICATE-----\n" + "MIICGzCCAYSgAwIBAgIJAMG+lqUlw9emMA0GCSqGSIb3DQEBBQUAMBQxEjAQBgNV\n" + "BAMTCW15dGVzdGtleTAeFw0wOTAxMTYwMzU1NThaFw0xMDAxMTYwMzU1NThaMBQx\n" + "EjAQBgNVBAMTCW15dGVzdGtleTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA\n" + "wusHfbouNUHuWjRpsx7WzHdsn5bbShEqDBx5Lobnx0dO4KAzD1YDrqrzEi5hXUaZ\n" + "wtamSpzezSqFDC6o4zb8lXtVbMGluVYUfUTWAhoEN/kDTMLoh/Tz93/M1AbnrwXu\n" + "PGKibBnK+VOjF+CJ2KupA0fnXzCngUxU1qu2DNftYOUCAwEAAaN1MHMwHQYDVR0O\n" + "BBYEFFzAzSCi+Y9sVZNsbVpev2FIvSADMEQGA1UdIwQ9MDuAFFzAzSCi+Y9sVZNs\n" + "bVpev2FIvSADoRikFjAUMRIwEAYDVQQDEwlteXRlc3RrZXmCCQDBvpalJcPXpjAM\n" + "BgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBALuqhYv6Dk7CMe1vdXk+J2MW\n" + "ULg9QQsuXbsc3dYjv3uedJ8psLQ+n0RjYihbSk+459tBpM/afZaSw/m25HgYajWP\n" + "Pgrjg7x81CXzj5GVxln8+Z0CclCUeQQlMrNJfefaAhZcyu2BmTqzS0ai3Fl3O3GV\n" + "6LUp2qqOYvS0Tn9gAPPg\n" + "-----END CERTIFICATE-----"; And changed the consumer key "orkut.com" to "mytestkey". After building, deploying this to another app serveradn testing with the sample container, I'm getting this in the gadget: *** OAuthMessage Params: URL: http://localhost:8080/sampleSignedFetch Param Name-->oauth_consumer_key Value-->shindig Param Name-->oauth_nonce Value-->1232079905572128000 Param Name-->opensocial_app_id Value-->6218 Param Name-->opensocial_app_url Value-->http://localhost:8080/rest/jcr/repository/gadgets/gadget-886818720.xml Param Name-->opensocial_viewer_id Value-->john.doe Param Name-->oauth_timestamp Value-->1232079905 Param Name-->opensocial_owner_id Value-->john.doe Param Name-->oauth_signature Value-->pPPUoVjnxgANpvfTjdI6Z9aCP4RnRbx0lPv0gZHcvJSThlor0cB8Qhb+eAAVk18nZ8ZtZx0QrK+bCoD6yDIOGgXm6rOQB3d+qodtGwMDfXLy+fvHqOPmDlupUg4wbmrhmyEYNNmGn8LFsd9O9JPSrGFFQshs5ySNw46Q0D1upu0= Param Name-->xoauth_signature_publickey Value-->mytestkey Param Name-->oauth_signature_method Value-->RSA-SHA1 Param Name-->oauth_version Value-->1.0 VALIDATING SIGNATURE OAuthProblemException-->signature_invalid Does anyone has an idea of what is wrong with what I am doing? Did I missed something? Thanks, Jeremi
