I guess my disconnect is that OUR implementation of the GrantRequestHandler used the security token to PULL OUT the value we needed. In other words our container had set the security token with trustedJson that held the extra parameters we needed. Thus when the intial makeRequest happened, the 'st' param went along for the ride.
Now we are saying we should just pull all the request parameters off of the incoming makeRequest. Problem is it's initiated by the gadget, which doesn't have knowledge of the value we stored in the security token. The security token was my communication between the container and the gadget. For the generic case I'd have to BLINDLY pass along ALL the parameters to the authorization request (if we wanted a generic solution). I hate writing a GrantRequestHandler that is specific to a provider (although that's basically what I did to transition our parameter along), but if I don't know what parameters to pass along I'm not sure how to generically do this. I have to give this more thought. doug On 12/8/11 2:44 PM, "Li Xu" <leeg...@gmail.com> wrote: > Hi Doug, > Sure, np. > Yes, it's hard to filter the parameter. Maybe all the query parameters as a > first step? > > NO need to say sorry... we have all been new to Shindig once before. Let's > still use the same issue and review request to keep track of this. When a > new patch is ready, please just upload the patch in the review request. > > Thanks! > li