I'd like to propose that opensocial containers support OAuth preloads
in much the same way they support preloads for signed fetch. This is
a latency win. The change is backwards compatible: if a gadget has a
Preload tag with authz=oauth, containers that don't support OAuth
preloads will simply ignore the tag. The gadget will be slower, but
will still function.
If the authz attribute of the Preload tag is set to "oauth", the
Preload tag will support four additional attributes:
oauth_service_name
oauth_token_name
oauth_request_token
oauth_request_token_secret
These attributes have the same semantics and defaults as the
corresponding parameters to gadgets.io.makeRequest.
All of the additional attributes support hangman variable substitution
of user prefs and other values. (This is useful for bootstrapping a
gadget with a user pref that contains a preapproved request token.
The container will immediately be able to access the user's data via
OAuth, without needing an extra popup window so the user can grant
approval.)
I've built a patch to Shindig for this, as a proof-of-concept:
https://issues.apache.org/jira/browse/SHINDIG-488
Cheers,
Brian
They are already there.
Ah, I thought you were talking about makeRequest. Yes, you'd want all
of the options in there.