You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@shindig.apache.org by Brian Eaton <be...@google.com> on 2008/04/28 22:16:00 UTC

how to get OAuth working again

[new subject]

On Mon, Apr 28, 2008 at 1:07 PM, Shaun Hayes <sh...@oracle.com> wrote:
>  However - I don't feel confident enough of my appraisal to offer actual code, for fear I'll completely miss that ol' moving target.

Your appraisal is exactly right, feel free to attach a patch to
https://issues.apache.org/jira/browse/SHINDIG-216.

>  ...On that topic, I've got another problem related to this, when the Oauth provider expires it's issued tokens, and the current Shindig Oauth implementation never allows that information to propogate anywhere, leaving a poison token cache in place to stop all subsequent requests from the issuing gadget from ever being succesfully authenticated ever again, but for the moment, that's a completely different problem (which I'll be happy to explore further when the basic functionality is back in action).

Yeah, we need to implement the OAuth problem handling extension.  I'm
open to suggestions on how to detect this issue for service providers
that don't support that extension.

Cheers,
Brian