Pulling personal data out of OpenSocial containers and into a standalone website
I've been struggling with the OpenSocial docs and various samples,
trying to find a way to pull my personal data out of my Orkut profile.
Google Friend Connect Chow Down sample. I didn't fully understand
what was going on, but I saw that I'd need a consumer key & secret.
(I just learned about GFC yesterday and am still trying to figure out
what it can and can't do.) I created my own gadget.xml, uploaded it to a server, and added it to
my Orkut sandbox profile page. I verified my ownership of gadget.xml
with Google's "Gadget Ownership Verification" tool, at
https://www.google.com/gadgets/directory/verify. That gave me my
Orkut gadget consumer key and secret. Then, I discovered some interesting info here:
http://sites.google.com/site/oauthgoog/2leggedoauth/2opensocialrestapi
1. Orkut only supports 2-legged OAuth.
2. A 3rd party site containing no gadget needs to use 3-legged OAuth
to retrieve a user's Orkut profile data. What is 3-legged OAuth? For example: your website has a "Login with
Twitter" link that sends you to Twitter for approval, upon which
Twitter sends you back to your website with an access token. In contrast, a 2-legged OAuth example: your Orkut (or Hi5, Ning,
MySpace, whatever) gadget requests data from your own personal API
server, for use in the gadget itself. In this case, your gadget uses
a shared secret from the OpenSocial container to sign its requests. I guess I have 3 options now:
1. Give in and have everything live inside of an Orkut gadget
2. Create an Orkut gadget that pushes my profile data to my server and
then sends me to my website
3. Switch to another OpenSocial container that supports 3-legged OAuth
(if any exist) or to another social media site that has it (Twitter?
maybe Facebook Connect?) To be continued...
Posted by Audrey M Roy
