Mike, usually the provider information is configured before hand. Your container could choose to allow gadget developers to register the provider information, but this is outside the scope of Shindig and the OpenSocial spec.
-Ryan Email: rjbax...@us.ibm.com Phone: 978-899-3041 developerWorks Profile From: Michael Matthews <matth...@oclc.org> To: <dev@shindig.apache.org>, Date: 11/21/2011 02:27 PM Subject: Oauth 2 consumer implementation My organization is investigating implementing a "production-ready" version of Shindig's OAuth2 Consumer implementation. After reviewing the wiki at opensocial.org (in particular http://docs.opensocial.org/display/OSD/OAuth+2.0+Consumer+Implementation+in+ Apache+Shindig) and studying the code to Shindig's sample OAuth2 Consumer implementation, it appears that we need to implement our own version of the OAuth2PersistenceModule (e.g. use a database instead of oauth2.json). Some of our remaining questions center around when/how some of the OAuth2 related data is persisted. Presumably, a gadget developer will declare what OAuth2 services they use in their gadget.xml like so: <OAuth2> <Service name="googleAPI_test" scope="https://www.google.com/m8/feeds/"> <Authorization url="https://accounts.google.com/o/oauth2/auth"></Authorization> <Token url="https://accounts.google.com/o/oauth2/token"></Token> </Service> </OAuth2> They will then invoke this service using gadgets.io.makeRequest(). Is the expectation that the Shindig container have this OAuth2 provider pre-configured before the gadget is rendered? Is it possible to register a provider (in this case Google) at runtime? Thanks Mike