This method (asking for a login and password) is often used in something called "screen scraping", you login on behalf of the user in the background (using regular posts etc to the service, faking being a normal client) and then parse the html returned to you ..
It's a horribly complex thing to do (reverse engineering how a site works, parsing html, take care of all error cases, etc) and the moment the site changes it's layout or the login workflow your code breaks again. On top of that, it's also very bad practice since the user has to trust you with their most private information: the login and password to their email! Now i'm sure your trust worthy, but statistically speaking not everyone is .. so someone is bound to use and abuse this information and use their client's email credentials to send spam or perform other forms of mischief. So it has been done before, but should never, ever be encouraged and if at all possible be prevented! There's a great alternative available though, OAuth, which has none of the downsides and still allows you full access to the contact list, hence my suggestion to use that instead :) As far as knowing the user id goes, that's not as difficult as you think .. if you login using 3 legged OAuth and then do a request to /rest/people/@me/@self, you'll get a user record back that identifies the current authenticated user, including his name, id, etc. No need to use any login credentials for that either :) On Mon, Jan 12, 2009 at 12:45 PM, Kocherga Daniel <dan.koche...@gmail.com>wrote: > > Thanks for explanation Chris. My general goal was to ask user his > login email and password (for exmple from orkut) and to get his > contacts from social network. So I can login using soething like curl, > but I cannot use any opensocial api, because I don't know the ID of > logged user > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OpenSocial Application Development" group. To post to this group, send email to opensocial-api@googlegroups.com To unsubscribe from this group, send email to opensocial-api+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/opensocial-api?hl=en -~----------~----~----~----~------~----~------~--~---
