Hello, I want to allow viewers to approve OAuth tokens for pages where they are not the owner. Basically, we have a requirement to allow users to view OAuth gadgets on a shared page.
I set "shindig.signing.viewer-access-tokens-enabled=true" in shindig.properties "to allow the use of 3-legged OAuth tokens when viewer != owner" (per the description). However, when the OAuth request is being made, I still get the error "Client state belongs to a different person ...". OAuthRequest.checkCanApprove() checks to see if the clientState owner is the same as the page viewer, so even if I make the above change in shindig.properties, I cannot approve access tokens. The description of checkCanApprove() says "At the moment we restrict this to page owner's viewing their own pages." How do I get shindig.signing.viewer-access-tokens-enabled=true to take effect? Or is this not supported yet? Thanks! Dennis
