Thanks so much for your update. All the best for a great 2009. Looking forward to see this feature working. cheers Patrick
On Dec 24, 7:34 am, Arne Roomann-Kurrik <api.kur...@google.com> wrote: > That's great, nothing like curling up in front of a fire with a warm mug of > Glögg ;) > > ~Arne > > On Tue, Dec 23, 2008 at 12:11 PM, Peter Svensson <psvens...@gmail.com>wrote: > > > > > Give them all my (agnostic) Christmas blessings, Arne!! That's great news! > > Also, extra free Swedish Glögg coupons for taking the time to tell us, in > > the midst of everything > > . > > Merry Christmas!! > > > Cheers, > > PS > > > On Tue, Dec 23, 2008 at 9:04 PM, Arne Roomann-Kurrik < > > api.kur...@google.com> wrote: > > >> Yes, the team has made this a priority feature. Here's hoping it > >> comes out soon ;) > > >> ~Arne > > >> On Dec 21, 10:38 pm, "Peter Svensson" <psvens...@gmail.com> wrote: > >> > Aparently, Google foes not support signed requests for GFC right now, > >> but it > >> > is coming. > > >> > I blogged about it here (update at bottom); > > >> >http://unclescript.blogspot.com/2008/12/google-friend-connect-site.html > > >> > Cheers, > >> > PS > > >> > On Mon, Dec 22, 2008 at 4:59 AM, Patrick Ellul <ellulpatr...@gmail.com > >> >wrote: > > >> > > also, it seems like the following imporant parameters are also not > >> > > sent by the container: > > >> > > opensocial_* example opensocial_viewer_id > >> > > oauth_* example oauth_consumer_key > > >> > > On Dec 22, 2:44 pm, Patrick Ellul <ellulpatr...@gmail.com> wrote: > >> > > > Oh I have the same issue... I really need signed requests! > > >> > > > On Dec 19, 6:12 am, "Peter Svensson" <psvens...@gmail.com> wrote: > > >> > > > > Thank you!!! > > >> > > > > I mean - Argh! But thanks for the information :) > >> > > > > Do you know about how much this have a priority? > > >> > > > > Cheers, > >> > > > > PS > > >> > > > > On Thu, Dec 18, 2008 at 7:21 PM, Kevin Marks < > >> kevinma...@gmail.com> > >> > > wrote: > >> > > > > > Signed Requests are not yet supported by GoogleFriendConnect- > >> this is > >> > > > > > coming in a future release. > > >> > > > > > On Thu, Dec 18, 2008 at 9:39 AM, Peter Svensson < > >> psvens...@gmail.com > >> > > >wrote: > > >> > > > > >> John, > >> > > > > >> thanks for the idea. That might be good enough security, but > >> > > consider > >> > > > > >> that you're open to bots (or humans) registering themselves > >> with > >> > > stolen ids. > >> > > > > >> I would prefer if Google provided a simple functionality to > >> > > authenticate > >> > > > > >> users, a kind of 'quick path', since it would be so usable, and > >> is > >> > > asked > >> > > > > >> from many different corners. > > >> > > > > >> Cheers, > >> > > > > >> PS > > >> > > > > >> On Thu, Dec 18, 2008 at 6:08 PM, John Weidner < > >> studyst...@gmail.com > >> > > >wrote: > > >> > > > > >>> I just wrote a custom gadget that prompts for a username and > >> > > > > >>> password. Then I usemakeRequestto send these credentials > >> along > >> > > > > >>> with their open social viewerId. On the server side, if the > >> > > username > >> > > > > >>> and password are correct, I store the viewerId in my user > >> database > >> > > for > >> > > > > >>> that user. So now I know the viewerId for these users. But > >> I'm > >> > > > > >>> currently doing this without signed authentication. > > >> > > > > >>> On Dec 15, 7:19 am, psvensson <psvens...@gmail.com> wrote: > >> > > > > >>> > I just want to report back to my server the > >> uniquefriendconnectid > >> > > > > >>> > and basic info of the current viewer. How hard can it be? > > >> > > > > >>> > I might not have understood how to do this correctly, but > >> here's > >> > > what > >> > > > > >>> > I have done; > > >> > > > > >>> > 1. I have made sure thatfriendconnectworks on my site > >> canvas, > >> > > rpc- > >> > > > > >>> > html, basic widgets and all that jazz. > >> > > > > >>> > 2. I have made a simple custom widget, I call osaccess.xml > >> which > >> > > gets > >> > > > > >>> > pulled in OK (Which I can see in firebug. It's of course > >> proxied > >> > > by a > >> > > > > >>> > google server, but the content that gets in the browser is > >> the > >> > > same > >> > > > > >>> > that I wrote). > >> > > > > >>> > 3. From JS inside that custom widget, I make a request back > >> to my > >> > > > > >>> > server. It works fine if I use NONE as authorizationtype. > >> > > > > >>> > 4. When I switch to SIGNED, I want to utilize that the > >> google > >> > > proxy > >> > > > > >>> > guarantees id, and packs a lot of good info about the > >> > > user/viewer. > > >> > > > > >>> > The code looks like this; > > >> > > > > >>> > function foo() > >> > > > > >>> > { > >> > > > > >>> > ..... > >> > > > > >>> > var params = {}; > > >> params[gadgets.io.RequestParameters.CONTENT_TYPE] > >> > > = > >> > > > > >>> > gadgets.io.ContentType.TEXT; > > >> > > params[gadgets.io.RequestParameters.AUTHORIZATION] = > >> > > > > >>> > gadgets.io.AuthorizationType.SIGNED; > > >> > > params[gadgets.io.RequestParameters.REFRESH_INTERVAL] > >> > > > > >>> > = 5; > >> > > > > >>> > var url = " > >>http://howtobethechange.appspot.com/ > >> > > > > >>> > osaccess/"; > >> > > > > >>> > console.log("calling url... '"+url+"'"); > >> > > > > >>> > gadgets.io.makeRequest(url, reqcb, params); > >> > > > > >>> > }; > > >> > > > > >>> > function reqcb(data) > >> > > > > >>> > { > >> > > > > >>> > console.log("reqcb called...."); > >> > > > > >>> > console.dir(data); > >> > > > > >>> > } > > >> > > > > >>> > The reqcb always reply "404: not found" when I use SIGNED. > > >> > > > > >>> > What is it that is not found? > > >> > > > > >>> > Where can I read about examples on how to set this up. It > >> seems > >> > > to be > >> > > > > >>> > the absolutely single first, top of mind, thing that any > >> > > pgroammer > >> > > > > >>> > want to do and sort of _the whole point_ offriendconnect- to > >> > > report > >> > > > > >>> > back the certified user id of the current viewer to the site > >> > > hosting > >> > > > > >>> > the widgets. > > >> > > > > >>> > What am I missing? > > >> > > > > >>> > I should point out that I have registered my site athttps:// > >> > > > > >>>www.google.com/accounts/ManageDomains, using a x.509 PEM > >> > > > > >>> > certificate. It feels like there is a 'magic' url I have to > >> > > provide > >> > > > > >>> > (though I can't find any access from any google proxies or > >> > > anything > >> > > > > >>> > else when running the script). > > >> > > > > >>> > Very thankful for any advice. > > >> > > > > >>> > Cheers, > >> > > > > >>> > PS > > -- > OpenSocial IRC - irc://irc.freenode.net/opensocial --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OpenSocial Application Development" group. To post to this group, send email to opensocial-api@googlegroups.com To unsubscribe from this group, send email to opensocial-api+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/opensocial-api?hl=en -~----------~----~----~----~------~----~------~--~---