On Fri, Sep 5, 2008 at 3:26 PM, Brian Eaton <[EMAIL PROTECTED]> wrote:
> On Fri, Sep 5, 2008 at 3:22 PM, Kevin Brown <[EMAIL PROTECTED]> wrote: > > Only if the container isn't providing a security token. > > Yes, that can happen. That's how John reproduced the crash to begin with. > =) > > igoogle, for example, doesn't need/supply a security token for most > gadgets, and I'd expect that to remain true for quite a while. igoogle isn't using Shindig, either, and when they are they have to provide security token anyway, because signed fetch needs it and there's no way to know in advance whether or not a gadget uses it without parsing the content. > > >> > Three legged oauth simply fails (no stored tokens for the anonymous > >> user). > >> > >> Unfortunately that isn't true today. > > > > > > How so? Where can I add an oauth token that works without an app id? > > Ah, you're right. There is a line in GadgetOAuthTokenStore that checks for > it. >
