Great that helps a lot. When I removed the Oauth section of the gadget spec and changed:
params[gadgets.io.RequestParameters.OAUTH_USE_TOKEN] = "always"; to: params[gadgets.io.RequestParameters.OAUTH_USE_TOKEN] = "never"; it worked - I started seeing requests hitting my server running on port 3000. A request looks like this: http://localhost:3000/widgets/test?oauth_body_hash=2jmj7l5rSw0yVb%2FvlWAYkK%2FYBwk%3D&opensocial_owner_id=john.doe&opensocial_viewer_id=john.doe&opensocial_app_id=appid&opensocial_app_url=url&oauth_consumer_key=cont&xoauth_signature_publickey=mytestkey&oauth_version=1.0&oauth_timestamp=1241034402&oauth_signature_method=RSA-SHA1&oauth_nonce=72801342607352&oauth_signature=yMXO%2BhbbueVH%2F9DsS8vMSySGIj47t46%2BTmFVNOsCGUAvbcE3QjjE9sSeuloZ%2BhQ%2FxPSsW9PDgQuOAfYVR0z1ywuXb6MRhbqe1hvJsiRxdhmqlja%2B%2BjGPeDlOD4R1pDnpxoXLqqFSs%2FQK0iEZJY1Y2Ds7ZWVDVmoC1HLI8SV9Pg4%3D A couple of questions - can someone tell me how to tell shindig to put the oauth parameters and signature in the Authorization http header? I see from: http://code.google.com/apis/gadgets/docs/oauth.html#ModulePrefs That the params should default to going into the header, but I don't see that happening here. Also, I'm assuming that the opensocial_owner_id of john.doe which seems to be coming from the default security token on line 386 of gadgets.js. I guess in my code I need to pass in my own security token when creating the gadget. Is there a way I can have shindig send the owner_id as xoauth_requestor_id instead of opensocial_owner_id? Thank You! Dylan On Wed, Apr 29, 2009 at 10:58 AM, Brian Eaton <[email protected]> wrote: > If you don't want the user to do the "oauth dance", you shouldn't > specify OAUTH_USE_TOKEN = "always" to makeRequest. That tells Shindig > that you expect the dance to have already happened, and if not to > start it. > > You can also drop the entire <OAuth> stanza from your XML spec, since > that is only used for three-legged OAuth. > > Here's some doc on two-legged OAuth: > http://wiki.opensocial.org/index.php?title=Introduction_to_makeRequest > > On Wed, Apr 29, 2009 at 9:45 AM, Dylan Vaughn > <[email protected]> wrote: >> Hello, >> >> I'm working on incorporating Shindig as a gadget rendering server in >> my application. I am trying to figure out how to have a gadget make >> an oauth signed call back to my main application without the user >> having to go through the 'oauth dance'. I have code in my test gadget >> (accessible at http://localhost:3000/widgets/1.xml) that looks like >> this: >> >> <?xml version="1.0" encoding="UTF-8"?> >> <Module> >> <ModulePrefs title="OAuth Example"> >> <Require feature="opensocial-0.7"/> >> <Require feature="setprefs"> >> <OAuth> >> <Service name="myapp"> >> <Access url="http://localhost:3000/widgets/access"/> >> <Request url="http://localhost:3000/widgets/request"/> >> <Authorization >> url="http://localhost:3000/widgets/auth?oauth_callback=http://localhost:3000/widgets/return"/> >> </Service> >> </OAuth> >> </Require> >> </ModulePrefs> >> <Content type="html"> >> <![CDATA[<script type="text/javascript"> >> function showResponse(data) { >> if (data && data.data) { >> alert(data.data); >> } else { >> alert('error'); >> } >> } >> function init() { >> var params = {}; >> params[gadgets.io.RequestParameters.CONTENT_TYPE] = >> gadgets.io.ContentType.JSON; >> params[gadgets.io.RequestParameters.AUTHORIZATION] = >> gadgets.io.AuthorizationType.OAUTH; >> params[gadgets.io.RequestParameters.OAUTH_SERVICE_NAME] = "myapp"; >> params[gadgets.io.RequestParameters.OAUTH_USE_TOKEN] = "always"; >> params[gadgets.io.RequestParameters.METHOD] = gadgets.io.MethodType.GET; >> gadgets.io.makeRequest("http://localhost:3000/widgets/test";, >> showResponse, params); >> } >> gadgets.util.registerOnLoadHandler(init); >> </script> >> Hi there!! >> ]]> >> </Content> >> </Module> >> >> And then in config/oauth.json I have a stanza like this: >> >> "http://localhost:3000/widgets/1.xml"; : { >> "myapp" : { >> "consumer_key" : "myappConsumerKey", >> "consumer_secret" : "myappSecret", >> "key_type" : "HMAC_SYMMETRIC" >> } >> } >> >> When I have shindig render this gadget and look at the shindig logs, >> it returns this error: >> >> WARNING: OAuth fetch fatal error >> OAuth error [UNKNOWN_PROBLEM, Could not fetch gadget spec] for >> application url. Request trace: >> ==== Original request: >> GET /widgets/test >> >> Host: localhost:3000 >> X-Shindig-AuthType: oauth >> X-shindig-dos: on >> >> >> ==== >> org.apache.shindig.gadgets.oauth.OAuthResponseParams$OAuthRequestException: >> [UNKNOWN_PROBLEM,Could not fetch gadget spec] >> at >> org.apache.shindig.gadgets.oauth.OAuthResponseParams.oauthRequestException(OAuthResponseParams.java:267) >> at >> org.apache.shindig.gadgets.oauth.OAuthResponseParams.oauthRequestException(OAuthResponseParams.java:248) >> at >> org.apache.shindig.gadgets.oauth.GadgetOAuthTokenStore.findSpec(GadgetOAuthTokenStore.java:313) >> at >> org.apache.shindig.gadgets.oauth.GadgetOAuthTokenStore.lookupSpecInfo(GadgetOAuthTokenStore.java:129) >> at >> org.apache.shindig.gadgets.oauth.GadgetOAuthTokenStore.getOAuthAccessor(GadgetOAuthTokenStore.java:95) >> at >> org.apache.shindig.gadgets.oauth.OAuthRequest.fetchNoThrow(OAuthRequest.java:190) >> at >> org.apache.shindig.gadgets.oauth.OAuthRequest.fetch(OAuthRequest.java:174) >> at >> org.apache.shindig.gadgets.http.DefaultRequestPipeline.execute(DefaultRequestPipeline.java:80) >> at >> org.apache.shindig.gadgets.servlet.MakeRequestHandler.fetch(MakeRequestHandler.java:85) >> at >> org.apache.shindig.gadgets.servlet.MakeRequestServlet.doGet(MakeRequestServlet.java:55) >> at >> org.apache.shindig.gadgets.servlet.MakeRequestServlet.doPost(MakeRequestServlet.java:67) >> at javax.servlet.http.HttpServlet.service(HttpServlet.java:727) >> at javax.servlet.http.HttpServlet.service(HttpServlet.java:820) >> at >> org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:502) >> at >> org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1148) >> at >> org.apache.shindig.auth.AuthenticationServletFilter.callChain(AuthenticationServletFilter.java:123) >> at >> org.apache.shindig.auth.AuthenticationServletFilter.doFilter(AuthenticationServletFilter.java:86) >> at >> org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1139) >> at >> org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:378) >> at >> org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216) >> at >> org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181) >> at >> org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765) >> at >> org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:417) >> at >> org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:230) >> at >> org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114) >> at >> org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152) >> at org.mortbay.jetty.Server.handle(Server.java:324) >> at >> org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:535) >> at >> org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:880) >> at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:747) >> at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:218) >> at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404) >> at >> org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409) >> at >> org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:520) >> Caused by: org.apache.shindig.gadgets.GadgetException: Url url does >> not include scheme >> at >> org.apache.shindig.gadgets.http.DefaultRequestPipeline.normalizeProtocol(DefaultRequestPipeline.java:109) >> at >> org.apache.shindig.gadgets.http.DefaultRequestPipeline.execute(DefaultRequestPipeline.java:55) >> at >> org.apache.shindig.gadgets.DefaultGadgetSpecFactory.fetchFromNetwork(DefaultGadgetSpecFactory.java:183) >> at >> org.apache.shindig.gadgets.DefaultGadgetSpecFactory.fetchObject(DefaultGadgetSpecFactory.java:140) >> at >> org.apache.shindig.gadgets.DefaultGadgetSpecFactory.getGadgetSpec(DefaultGadgetSpecFactory.java:89) >> at >> org.apache.shindig.gadgets.oauth.GadgetOAuthTokenStore.findSpec(GadgetOAuthTokenStore.java:308) >> ... 31 more >> >> When trying to figure out what's going on, it looks like this error is >> thrown when there is a post call to >> http://localhost:8080/gadgets/makeRequest (my shindig install). >> However, when it tries to fetch the gadget spec for this (not sure why >> it is doing this), the getURL() call on the GadgetContext just returns >> 'url', which fails in the fetchFromNetwork call. >> >> I feel like I may be missing some big steps here. If I could just get >> shindig to try to hit my other server on port 3000, that would be good >> progress. I think also I need to be doing something with security >> tokens, but I'm not sure what... >> >> Can someone point me in the right direction? >> >> Thanks! >> >> Dylan >> > -- Digitaria Dylan Vaughn Manager, Emerging Technologies phone: 619 237 5552 x309 fax: 619 237 5269 http://www.digitaria.com
