Hi Murali, Definitely there will need to be some work to get OAuth 2 into the proxy for use with gadgets. Since we currently use this feature for the LinkedIn Tweets App it would make the flow much simpler.
For the reverse situation I've made some progress in syntactically supporting oauth2 requests for incoming rpc/rest requests. It turns out the venerable 'security token' has the exact same semantics as an oauth2 access token. You can see some of this early work in UrlParameterAuthenticationHandler. To fully support server-side OAuth2 we will also need to add the UI functionality to SampleOAuthServlet, shouldn't be too hard. If anyone has spare cycles to work on this I can provide more guidance. If not I may get to it in a couple of weeks. On Tue, Aug 24, 2010 at 3:26 PM, Murali VP <[email protected]> wrote: > A few days ago Brian Eaton posted "OAuth WRAP client support in Shindig?" > > What is the status of this effort? > > The change ins't confined to just OAuthRequest if spec changes needed are > also taken into consideration. > > The gadget spec has to change to introduce a new element (say OAuth2) in > the > ModulePrefs - hence a schema change. Is there a proposal for what the new > module pref for oauth2 would look like? > > Say something like this? > > <OAuth2> > <Service name="facebook"> > <Access url="https://graph.facebook.com/oauth/access_token"; > method="GET"/> > <Authorization url=" > > https://graph.facebook.com/oauth/authorize?scope=user_photos,user_videos,publish_stream,read_stream > "/> > </Service> > </OAuth2> > > > This means, the whole org.apache.shindig.gadgets.spec package has to change > to support OAuth2. Any proposals or committers working on such changes? > > thanks > - Murali. > -- Paul Lindner -- [email protected] -- linkedin.com/in/plindner
