http://wave-robot-java-client.googlecode.com/svn/trunk/doc/com/google/wave/api/oauth/package-summary.html
And because I've never used that before, I'll allow others to tell you how it works and if it's indeed the right package for authentication on a wave for robots. But that will probably be a good starting point. On Nov 23, 3:59 am, Solvek <adamc...@gmail.com> wrote: > Imagine I want to create game "Rock-paper-scissors" for Google Waves. > I am thinking to implement it as a Wave Gadget. > > The idea is simple: all participants send their decisions to my cloud > app (it is an Appengine Java Application), my server part collects > this data and does not share to anybody until all participants > complete their selection. After this the selection is shared to all > participants and the winner is determined. > > I can use wave.getViewer().getId() to identify user on the server > during gadgets.io.makeRequest. It can work perfectly. > But how I can get sure that on the server side the incoming request is > really from this specific wave user? (how can I approve that wave's > participant id is not hacked on the client side? Any wave container > signature allowing determine wave participant id is available?) > > What are the best practices for googl wave participant authentication > on my appengine side? Please provide examples if possible. > > My actual gadget is more complicated but the problem is as described > above. -- You received this message because you are subscribed to the Google Groups "Google Wave API" group. To post to this group, send email to google-wave-...@googlegroups.com. To unsubscribe from this group, send email to google-wave-api+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-wave-api?hl=en.