Mike, Your OAuthStore is responsible for encrypting/decrypting the secrets.
The OAuth2Encrypter interface is there because of the lessons learned from writing custom OAuth 1 stores. On Tue, May 22, 2012 at 2:43 PM, Michael Matthews <matth...@oclc.org> wrote: > I'm adding an OAuth 1.0 OAuthStore implementation to our OpenSocial > container so that gadgets can invoke services secured by OAuth 1. > > I created a custom implementation of > org.apache.shindig.gadgets.oauth.OAuthStore and have it persisting all > OAuth > 1 data to a relational database. I'd like to make sure that all OAuth 1 > secrets are encrypted. In our OAuth2 implementation, there was a > OAuth2Encrypter interface we implemented and it encrypted the OAuth2 > secrets. In the OAuth 1 implementation, is the OAuthStore implementation > responsible for encrypting/decrypting secrets as they're read/written to a > database? > > Thanks > Mike >
