Use Case: A user adds a Gadget to iGoogle and instantly (because they are already logged in) gets access to private storage through a 3rd party server.
In other words: I need to take requests from a gadget running in iGoogle, and validate that the request is from a valid Google account. So, my Gadget would have to obtain some kind of token from Google. Except, I need only a login token. I'm not after contacts, docs, etc... Just the fact that the user is logged in. That token needs to go to my Servlet where the Servlet will validate with Google that the token is a valid. I would catch the results for future requests. I know it must be easy. I have a working Step2 (http:// code.google.com/p/step2) installation, so I'm thinking that could be used. If we can work this out, it would open the door to real stateful secure gadgets that have no registration requirements would actually be very useful. -- You received this message because you are subscribed to the Google Groups "OpenSocial Application Development" group. To post to this group, send email to opensocial-...@googlegroups.com. To unsubscribe from this group, send email to opensocial-api+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/opensocial-api?hl=en.