Google API OAuth2 access with mobile web application?

Question

I'm writing a mobile application using JavaScript and HTML and I'll pack it using PhoneGap, so at the end it will be a native one.

One feature of this App will be the "Import from Google Docs" one. I'll set a Google account up for the App and put some documents in it so they will be available from the application itself. This seemed pretty straightforward, until I hit a wall with OAuth2.

What I cannot figure out is how to provide my application with a way to authenticate itself using a pre-authenticated token (I think this is the use of the "secret key" in the OAuth workflow). The problem seems to be that on the Google API guides I read, when speaking of JavaScript integration they always refer to a web application which - as part of the OAuth flow - will eventually ask THE USER to authenticate with HER Google account (and not my application's one) and never use the "secret key" (we will leave the problem of embedding a secret key into an application for later).

What am I missing here? Does anyone have done something similar and care to explain it a bit?

Answer 1

I recently presented OAuth at BlackBerry Jam Americas. You can view the recording of this presentation here which I think may help answer some questions about the differences between OAuth and OAuth2, and how to implement them in a PhoneGap (or WebWorks) application: http://hosting.desire2learncapture.com/RIM/1/watch/63.aspx?q=social

Also, my colleague Chad recently published some sample code that you can use in your own app development. We have published sample BlackBerry WebWorks applications here that demonstrate how to integrate OAuth with Twitter, FaceBook and Foursquare: https://github.com/blackberry/BB10-WebWorks-Samples

Good luck!