Re: [widgets] OAuth and openID

On 23 Feb 2009, at 15:31, Scott Wilson wrote:

> Because many widgets are small local applications offered for remote  
> services that use different user accounts, oAuth is a very important  
> and relevant technology. Which is why, for example, it has been a  
> major task in the oAuth and OpenSocial/Gadgets community to  
> integrate the technology.

> ((Note also that last I heard oAuth was going to IETF for  
> standardisation))


I guess my question is mostly what part of oauth would likely be in  
scope for a widget spec.  My sense is that the likeliest point of  
interaction could be a hand-off mechanism between browser and widget  
to enable a browser-based OAuth authorization decision outside the  
widget itself.  That sounds like it could be added later.

I also suspect that the specification that is going to be most  
relevant for combining OAuth and Widgets is going to be XMLHttpRequest  
level 2.

Received on Saturday, 28 February 2009 21:36:05 UTC