
oauth
Get flash to fully experience Pearltrees
RFC 5849 - The OAuth 1.0 Protocol
Shindig - Welcome To Apache Shindig!
Gmail Contextual Gadget SSO - Google Apps gadgets API | Google Groups
This document describes what Gmail contextual gadgets are, how to write them, how to install them, and how to diagnose and fix some common issues. Gmail contextual gadgets can be listed for sale in the Google Apps Marketplace or used within in-house applications installed through the Google Apps console . A Gmail contextual gadget is a gadget that is triggered by clues in Gmail, such as the contents of Subject lines and email messages.
Gmail Contextual Gadgets Developer's Guide - Gmail APIs and Tools - Google Code
Abstract This specification extends the OAuth signature to include integrity checks on HTTP request bodies with content types other than application/x-www-form-urlencoded . The OAuth Core specification [OAuth Core 1.0] ( OAuth, OCW., “OAuth Core 1.0,” . ) provides body integrity checking only for application/x-www-form-urlencoded request bodies. Other types of request bodies are left unsigned.
Final: OAuth Request Body Hash
Authentication Best Practices - Google Apps Marketplace - Google Code
Validating Signed Requests - OpenSocial Documentation - OpenSocial Wiki
This article describes how to validate a signed request. If you're unsure of what a signed request is or why you would want to use one, please check out the OSD:Introduction To Signed Requests page....Authentication and authorization for Google APIs allow third-party applications to get limited access to a user's Google accounts for certain types of activities. This document explains the available auth mechanisms and describes what each one provides for your application. OAuth 2.0 is a new, simplified authorization protocol for all Google APIs. OAuth 2.0 relies on SSL for security instead of requiring your application to do cryptographic signing directly.
Choosing an Auth Mechanism - Authentication and Authorization for Google APIs - Google Code
Beginner’s Guide to OAuth – Part IV: Signing Requests « hueniverse
This post contains obsolete or incorrect information. For a more recent update, please visit The OAuth 1.0 Guide Time to put the previously discussed concepts into action.A good pratice when you build a Gmail contextual Gadget that communicates with a backend is to secure this communication. Within a Gmail contextual Gadget you can do that using the OpenSocial library to sign the requests. We explain how in this post.
Set up a secure communication between a Gmail contextual Gadget and a Google App engine backend - the Simple Code's blog
Lesson 10: Interact with your own Backend - VZ Developer Wiki
This tutorial shows how you can call your own backend from a gadget, how you can verify the calls signature and how you can call the opensocial rest API from your backend. Making a call from your gadget In your gadget you can use the gadgets.io.makeRequest method to call an external url.Working with Remote Content - Gadgets API - Google Code
This document describes how to fetch and manipulate remote textual (typically HTML), XML, and JSON data using the makeRequest() function. The makeRequest() function is just one technique for fetching remote data. For an overview of the different approaches you can use, see the Remote Data Requests Developers Guide . Refreshing the Cache For an overview of the different approaches you can use to fetch remote data, see the Remote Data Requests Developers Guide .Important: OAuth 1.0 has been officially deprecated as of April 20, 2012. It will continue to work as per our deprecation policy , but we encourage you to migrate to OAuth 2.0 as soon as possible. This document describes Google's implementation of the OAuth open standard for authorization, and explains how to implement OAuth in your application. For more information on OAuth, see the OAuth.net documentation . You should already be familiar with the principles behind OAuth, and be aware of any service-specific authorization issues for the API you are using. You should also have read the appropriate background documentation for the type of application you are writing:
OAuth 1.0 API Reference - Authentication and Authorization for Google APIs - Google Code
Authorization services let users provide your application with access to the data they have stored in Google applications. Google takes privacy seriously, and any application that requires access to a user's data must be authorized by the user. Authentication and authorization services are often referred to collectively as auth . Authentication and authorization for Google APIs allow third-party applications to get limited access to a user's Google accounts for certain types of activities. This document introduces the available auth mechanisms and describes what each one provides for your application. OAuth 2.0 is a new, simplified authorization protocol for all Google APIs.

