http://codereview.appspot.com/149041/diff/3003/3005 File java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/GadgetOAuthTokenStore.java (right):
http://codereview.appspot.com/149041/diff/3003/3005#newcode62 java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/GadgetOAuthTokenStore.java:62: public GadgetOAuthTokenStore(OAuthStore store, GadgetSpecFactory specFactory, OAuthFetcherConfig fetcherConfig) { Yeah, just double-checked our pipeline implementation. GadgetOAuthTokenStore is created per-container and is constant for the life of the server after that. OAuthFetcherConfig, OTOH, is created per-request. So it would be a royal PITA for us to pass in OAuthFetcherConfig at token store creation time, the scopes of the two objects are too different. But fetcher config passed to getOAuthAccessor is easy. http://codereview.appspot.com/149041/diff/3021/2009#newcode75 java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/GadgetOAuthTokenStore.java:75: * - what HTTP method to use for request token and access token requests OAUth -> OAuth http://codereview.appspot.com/149041/diff/3021/2009#newcode116 java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/GadgetOAuthTokenStore.java:116: securityToken.getOwnerId().equals(securityToken.getViewerId())) { we lost a check for securityToken.getOwnerId() != null. Maybe swap the order here to avoid any potential null pointer exception? http://codereview.appspot.com/149041/diff/3021/2010 File java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthFetcherConfig.java (right): http://codereview.appspot.com/149041/diff/3021/2010#newcode38 java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthFetcherConfig.java:38: private static boolean viewerAccessTokensEnabled = false; shouldn't be static, not thread safe. Make it private final member variable instead. http://codereview.appspot.com/149041
