Thanks Paul, Twitter implements OAuth2?! If no, why would LinkedIn Tweets App expect OAuth 2 support in proxy?
I see your changes to UrlParameterAuthenticationHandler for the reverse situation, hopefully v2 draft's rev 10 stays, Facebook for instance doesn't use "oauth_token" but "access_token" as URL param. - Murali. > On Wed, Aug 25, 2010 at 6:31 AM, Paul Lindner <[email protected]> wrote: > Hi Murali, > > Definitely there will need to be some work to get OAuth 2 into the proxy > for > use with gadgets. Since we currently use this feature for the LinkedIn > Tweets App it would make the flow much simpler. > > For the reverse situation I've made some progress in syntactically > supporting oauth2 requests for incoming rpc/rest requests. It turns out > the > venerable 'security token' has the exact same semantics as an oauth2 access > token. You can see some of this early work in > UrlParameterAuthenticationHandler. > > To fully support server-side OAuth2 we will also need to add the UI > functionality to SampleOAuthServlet, shouldn't be too hard. If anyone has > spare cycles to work on this I can provide more guidance. If not I may get > to it in a couple of weeks. > > On Tue, Aug 24, 2010 at 3:26 PM, Murali VP <[email protected]> wrote: > > > A few days ago Brian Eaton posted "OAuth WRAP client support in Shindig?" > > > > What is the status of this effort? > > > > The change ins't confined to just OAuthRequest if spec changes needed are > > also taken into consideration. > > > > The gadget spec has to change to introduce a new element (say OAuth2) in > > the > > ModulePrefs - hence a schema change. Is there a proposal for what the new > > module pref for oauth2 would look like? > > > > Say something like this? > > > > <OAuth2> > > <Service name="facebook"> > > <Access url="https://graph.facebook.com/oauth/access_token"; > > method="GET"/> > > <Authorization url=" > > > > > https://graph.facebook.com/oauth/authorize?scope=user_photos,user_videos,publish_stream,read_stream > > "/> > > </Service> > > </OAuth2> > > > > > > This means, the whole org.apache.shindig.gadgets.spec package has to > change > > to support OAuth2. Any proposals or committers working on such changes? > > > > thanks > > - Murali. > > > > > > -- > Paul Lindner -- [email protected] -- linkedin.com/in/plindner >
