Regarding shindig oauth2 call for facebook authentication

Question

Iam new to gadgets. Iam using the oauth2 example for facebook authentication which is bundled with Shindig 2.5.0 The file is under /gadgets/oauth2/oauth2_facebook.xml

I don't know whether this is an issue or not?

I created a gadget container like commoncontainer is created. Inside the gadget url i have given the above facebook gadget url. I have created a facebook app and i have configured all the details in oauth2.json file. When the gadget is rendered, it is asking for facebook username and password. After that it is returning some data. The main problem here is, after this whenever i access the same gadget over the container it is not asking for the facebook credentials. Simply it is logging with the earlier credentials(I donno how the conainer is storing). Even I access the same gadget in other browser also, it is not asking for creadentials. I googled it but i didn't find anything regarding this. Even after deleting all the cookies in the browser, it is not asking for the credentials unless I restart the app server. Please help me on this. Is there anyway restrict this kind of behaviour?

Answer 1

Shindig stores the access token on the server. In a production implementation the access token would be stored by individual user, but the sample implementation does not have this concept right now. OAuth access tokens are usually long lived, so the user should not have to go through the oauth dance for a while. Once the access token expires you would have to do the dance again.