Menu
I'm trying to understand the correct sequence of steps followed by Gmail when loading and authenticating a contextual gadget. One of the reasons (there are others) is that I want to know whether I can make the gadget manifest behind a Open ID authentication so that only authenticated users will be able to pull the gadget in to Gmail.
I haven't seen any documentation on this anywhere. Here's how I think it works... (where mysite.com is an openID relying party).
User: clicks on a mail in Gmail inbox Gmail: Load email. Retrieve gadget manifest from mysite.com/gadgets/gadget.xml MySite: You need to be authenticated to access gadgets/gadget.xml Gmail: Here's the user's OpenID MySite: Here's gadgets/gadget.xml Gmail: "paints" the gadget contents on the context area of the email
Please correct me if this is wrong
209
Well, I think the answer to my question is here: http://code.google.com/googleapps/marketplace/best_practices.html#gadget_sso
According to this, there's no implicit OpenID authentication. It's your responsibility to make it happen by using osapi.http.get.
64
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
