Hey Laura, The simplest way of creating a security token is to go for the plain text one (the owner:viewer:appid:etc type string).
However you should be able to just directly lift the security token generating code from partuza and things should just-work. If that's not the case chances are that the token cypher and hmac keys are not the same in your shindig and container code, for shindig's config see shindig/php/config/container.php: 'token_cipher_key' => 'INSECURE_DEFAULT_KEY', 'token_hmac_key' => 'INSECURE_DEFAULT_KEY', OAuth isn't relevant in this situation, it's just the security token that's used for the authentication by gadgets. On Thu, Jul 16, 2009 at 11:45 PM, Laura Nathanson <[email protected] > wrote: > Hello again, > > I'm trying to get an extremely bare implementation of Shindig (php) working > with our social networking site. My goal for now is to get a simple gadget > running: one that prints the gadget owner's name. > > I implemented Person service (but no others yet), and I think I'm > generating > the gadget iframe url mostly right. I have made an attempt to include an > encrypted token with the gadget url, following along the lines of how its > done in Partuza. I keep getting back 'invalid token' errors. Until I figure > out where I've gone wrong, I thought I'd just ask: What is the simplest > thing I can get away with to allow this gadget to retrieve data? Do I have > to worry OAuth protocol at this point or can that wait? > > Laura >
