You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shindig.apache.org by Dan Dumont <dd...@us.ibm.com> on 2012/02/01 20:21:24 UTC
OAuthCallbackServlet question
It seems to me like the following logic:
" window.opener.gadgets.io.oauthReceivedCallbackUrl_ =
document.location.href;\n"
in the servlet and
if (gadgets.io.oauthReceivedCallbackUrl_) {
paramData['OAUTH_RECEIVED_CALLBACK'] =
gadgets.io.oauthReceivedCallbackUrl_;
gadgets.io.oauthReceivedCallbackUrl_ = null;
}
in makeRequest are vulnerable to timing issues.
Can anyone familiar in this area confirm? Is it possible to trigger 2
OAuth dances at the same time and stop over the callback url?
Should this be something like:
window.opener.gadgets.io.setOAuthReceivedCallbackUrl_(requestid,
document.location.href);
So that the gadget can register callbacks for each request it might be
trying to make?