8月 14 2009
OpenSocial Signed Request Library(PHP) Beta
Signed Request in OpenSocial is a convenient solution for gadget developers to verify their remote content request is not spoofed. You can pick signature attached to the request and verify that no params are changed, added or removed.
Implementing this is not difficult, but since I don’t see any library, easy to use out of the box, I hereby introduce opensocial-signed-request-php-library as beta.
This library is using OAuth Library on Google Code. Major container’s public keys are included: orkut, Google, Friendster, hi5, hyves, Netlog, mixi and goo Home.
How to use
Check out from Google Code:
svn checkout http://opensocial-signed-request-php-library.googlecode.com/svn/trunk/ opensocial-signed-request-php-library-read-only
Looking at sample implementation should be the easiest way to learn. Instantiate SignedRequestValidator with gadget’s url, do validate_request(). that’s it. If validation fails, library will respond 401 and die. Further code can be written after that. It’s that simple.
Other known libraries
There’s a few libraries doing similar things, I know useful.
- Google AppEngine Python, Django library: gaeoauth
- Apache module: mod_auth_opensocial
Give me feedback
opensocial-signed-request-php-library should work straight. But in case you find bug, better API, please give me feedback. It’s still beta :)
このブログで関連すると思われる他の投稿
View Comments
(17)
(0)
(3)
(1)
Total: 21