Running the Demo Gadgets

You will need Google and Facebook accounts and registered applications for these steps....

http://code.google.com/apis/accounts/docs/OAuth2.html

http://developers.facebook.com/docs/authentication/

The redirect_uris for your applications must match the oauth2callback servlet in your shindig environment.

For instance : http://localhost:8080/gadgets/oauth2callback

  1. Extract the Shindig trunk from https://svn.apache.org/repos/asf/shindig/
  2. Apply the patch from https://reviews.apache.org/r/1947/diff/raw
  3. Edit config/oauth2.json - replace the client_id and client_secret placeholders in the "googleApi_client1" and "facebook_client1" clients with the applications you created.  Make sure to keep your OAuth 2.0 secrets secret.
  4. Build and deploy the shindig WAR.
  5. Run the common container and add the "OAuth2 Demo with Google Provider" or "OAuth2 Demo with Facebook Provider".
  6. Click the "Personalize this gadget" link to initiate the OAuth 2.0 Authorization Code (3-party) flow which will redirect you to the service provider (Google or Fa.cebook) for authorization
  7. Enter your credentials for the service provider, don't worry they are safe and never leave Googe/Facebook.
  8. The service provider will return an authorization code and subsequently access_token to shindig and the gadget's makeRequest() call will pull your Contacts/Friends.
  9. When you are done you can disable your access_token on the service provider site.

Using Google and Facebook and having Google/Facebook accounts and applications is not necessary.  The OAuth 2.0 Consumer should work against any v20 or v21 spec compliant service provider.  It will require writing your gadget and registering it's client in config/oauth2.json

You can also use the Shindig OAuth 2.0 Provider (currently under review) that has been submitted to shindig.  The Consumer contains two sample gadgets that demonstrate the integrated capabilities.

  1. Extract the Shindig trunk from https://svn.apache.org/repos/asf/shindig/
  2. Apply the patch from https://reviews.apache.org/r/1947/diff/raw
  3. Apply the patch from https://reviews.apache.org/r/1940/diff/raw
  4. Run the common container and add the "OAuth2 Demo with Shindig Provider (Authorization Code)" or "OAuth2 Demo with Shindig Provider (Client Credentials)
  5. Client Credentials does not cause a redirect