Now it works for normal Ajax request, but not when I add custom headers. Let me give a full example, so you can try it out (assuming you have a gmail/google account somewhere):
Originally Posted by Animal
Visit this url to request a temporary security token: AuthSubRequest. The site will ask for permission. If you grant permission, you will be fowarded to Extjs.com?token=sometokenhere. This token is a temporary token that you can exchange for a session token using this request:
The response for this request should contain a new token, that you can use to access google services. Note that it is important that the authorization header should be exactly in the form AuthSub token="asdf8sdjksdu8ds8g", and you can use every temp token only once.