For a couple of days now I've been trying to get OAuth authentication working for Picasa from a Flex/Actionscript app, but to no avail. I've seen the notes at:
http://code.google.com/apis/picasaweb/docs/2.0/reference.html#Flash and am calling the loadPolicyFile method as suggested like this: System.security.loadPolicyFile("http://photos.googleapis.com/data/ crossdomain.xml"); But Flash refuses to allow me to make a call to this url, and I get the error: Error: Request for resource at http://photos.googleapis.com/accounts/OAuthGetRequestToken?<my url pararams> by requestor from http://<myhost>/my.swf is denied due to lack of policy file permissions. I've tried both with http and https but neither works. >From what I've gathered so far, the crossdomain.xml policy file does not allow me access to any resources under photos.googleapis.com/ accounts. If I change the OAuthGetRequestToken url to photos.googleapis.com/data/OAuthGetRequestToken, Flash _will_ fetch the url, though I'll receive an error from google of course, as the OAuthGetRequestToken endpoint doesn't live at that url. It does tell me that while Flash will allow me to talk to resources under /data, it will not allow me to talk to resources under /accounts. I also can't find any examples or live web services who use OAuth to picasa succesfully from a Flash app, so I'm starting to suspect that it is simply not possible to use OAuth from actionscript due to an issue with crossdomain policies. I would love for someone to tell me otherwise though. I'm hoping a Google engineer and/or an Actionscript/Picasa developer could comment on this? I'm testing all of this on flash 10.0, Flex 4.0 on Mac btw thanks in advance, Peter Hulst -- You received this message because you are subscribed to the Google Groups "Google Picasa Web Albums API" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-picasa-data-api?hl=en.
