OAuth 2.0 bearer token support is enabled for browser->container RPC requests already.
So if you have an OAuth 2.0 implementation you can just write an appropriate SecurityTokenCodec and you're set. I have not added support for OAuth 2.0 for osapi.http or makerequest, nor have I provided a sample authorization endpoint or a refresh endpoint. Now that OAuth 2.0 is solidifying it might be a good idea to work on this. On Mon, Apr 11, 2011 at 10:10 AM, Andrew Davis <[email protected]>wrote: > All, (especially Paul, John) > > Can you give me a pointer to plans for dropping OAuth 2.0 into shindig 3.0? > > > Even just a date for when we will start seeing the commits? For those of us > making plans to be an OpenSocial 2.0 container we are trying to evaluate > what additional work we would need to do beyond implementing the modules we > do today for 1.0a(OAuthStore, etc) > > --Andrew Davis > > -- Paul Lindner -- [email protected] -- linkedin.com/in/plindner
