All geek questions in one place

Gmail Contextual Gadgets and OpenID Authentication Steps

I'm trying to figure out the correct sequence of steps that Gmail follows when downloading and authenticating a contextual gadget. One of the reasons (there are others) is that I want to know if I can make a gadget manifest to identify the public identifier so that only authenticated users can connect the gadget to Gmail.

I have not seen the documentation anywhere. Here, as I think it works ... (where mysite.com is the trusted side of openID).

User: clicks on the mail in the Gmail inbox Gmail: download email. Get the manifest manifest from mysite.com/gadgets/gadget.xml MySite: you need to authenticate to access the gadgets /gadget.xml Gmail: here the user is OpenID MySite: here the gadgets /gadget.xml Gmail: "draws" the contents of the gadget in the context area Email.

Please correct me if this is not the case.

+3
source share
2 answers

Ok, I think the answer to my question is here: http://code.google.com/googleapps/marketplace/best_practices.html#gadget_sso

Accordingly, there is no implicit authentication of OpenID. It is your responsibility to do this using osapi.http.get.

+1

, :

  • , SSO OpenID
  • OAuth,    , (    , )
  •          , : osapi.http.get,       open_social_id .
  •                     opensocialid, ,                   open_social_id, ,       OpenId           auth, 1 ,               OpenId,                  
  • ,                                     ,                         .
+1

Source: https://habr.com/ru/post/1757771/

More articles:


All Articles