[jira] [Commented] (SHINDIG-1773) Content proxy needs to support proxy for OAuth protected resources

Tue, 15 May 2012 15:43:30 -0700 

    [ 
https://issues.apache.org/jira/browse/SHINDIG-1773?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13276299#comment-13276299
 ] 

Rich Thompson commented on SHINDIG-1773:
----------------------------------------

I agree that a sample gadget using this functionality would be helpful, but I 
think the lead in statement for why is too strong. My read of section 12 of the 
gadget spec (e.g. 
http://opensocial-resources.googlecode.com/svn/spec/2.0.1/Core-Gadget.xml#OAuth)
 requires more OAuth support than the rest of the specs explicitly call out. 
Specifically:

"As mentioned previously in this specification and other OpenSocial 2.0 
specifications, OpenSocial containers MUST be able to proxy OAuth requests for 
gadgets. The main mechanism used to accomplish proxy requests is the 
gadgets.io.makeRequest (Section 13.2.1.3) method."

While makeRequest is expected to be the main mechanism (and certainly is the 
focus throughout the specs), but the MUST statement relative to support is much 
broader and certainly applies to the use case driving this JIRA; namely, 
supporting accessing protected resources through the content proxy.
                
> Content proxy needs to support proxy for OAuth protected resources
> ------------------------------------------------------------------
>
>                 Key: SHINDIG-1773
>                 URL: https://issues.apache.org/jira/browse/SHINDIG-1773
>             Project: Shindig
>          Issue Type: New Feature
>          Components: Java
>    Affects Versions: 2.5.0, 3.0.0
>            Reporter: Xiao Feng Yu
>             Fix For: 2.5.0, 3.0.0
>
>   Original Estimate: 48h
>  Remaining Estimate: 48h
>
> There are many cases that some resource are protected by OAuth and they are 
> desired to be accessed via content proxy instead of makeRequest calls, for 
> example, images in user's album.  User should be able to specify OAuth 
> parameter in getProxyUrl call and get a proxy url to access the protected 
> resources.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to