Hi Prashant, Thanks a lot for the detailed reply. You have sent many links. I will go through these and get back to you if still something is not clear.
>>> "It seems your purpose would be better solved using the client library, which is not REST and which uses 3-legged OAuth. I believe at the moment we have a much fuller support for RPC than for REST." Yes, exactly. So I need a documentation which can be used to write orkut mobile client in *C++ or Qt. *Probably I can use http://code.google.com/apis/accounts/docs/OAuthForInstalledApps.html . Please let me know if you have better link for my use case. Thanks again for the support. Cheers, Dev On Mon, Jun 28, 2010 at 8:18 PM, <p...@google.com> wrote: > Hi Devendra and Carlos, > > I think the main confusion here is that the OAuth playground > (doc<http://code.google.com/apis/gdata/articles/oauth.html>) > is based on 3-legged OAuth, while the orkut REST documentation mainly > describes how gadget servers can talk to the orkut server using > 2-legged OAuth. I think we should be updating the guide to eliminate any > confusion. > > Please refer to the OAuth documentation in full > here<http://code.google.com/apis/accounts/docs/OAuth.html>, > and then consider the following: > > 1. Yes, HMAC-SHA1 is good. I would use one of the OAuth > libraries<http://oauth.net/code/> to > get my OAuth signature (which is really just the encoded version of > the OAuth shared secret that you got after gadget verification). I have no > idea what exact signing technique they use unless I took a look at their > code, but I can tell you that they are expected to follow the guidelines > laid down > here<http://code.google.com/apis/accounts/docs/OAuth_ref.html#SigningOAuth> > . > > 2. The oauth_token is a term specific to 3-legged OAuth (again, please > follow the OAuth doc above), and that's why you don't find it mentioned in > the guide. > > 3. The OAuth scope is used simply to limit which services your application > has access to. It's not a website on its own. > > 4. That point in question is again specific to the gadget server-orkut > server conversation, where "application" is a gadget that you install, which > then authorises the gadget server to be able to pull your profile data. > > It seems your purpose would be better solved using the client library, > which is not REST and which uses 3-legged OAuth. I believe at the moment we > have a much fuller support for RPC than for REST. > > I hope that helps! > Prashant > > -- > You received this message because you are subscribed to the Google Groups > "orkut Developer Forum" group. > To post to this group, send email to opensocial-or...@googlegroups.com. > To unsubscribe from this group, send email to > opensocial-orkut+unsubscr...@googlegroups.com<opensocial-orkut%2bunsubscr...@googlegroups.com> > . > For more options, visit this group at > http://groups.google.com/group/opensocial-orkut?hl=en. > -- You received this message because you are subscribed to the Google Groups "orkut Developer Forum" group. To post to this group, send email to opensocial-or...@googlegroups.com. To unsubscribe from this group, send email to opensocial-orkut+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/opensocial-orkut?hl=en.