Nolan,
You may want to check this The Mysteries of x-google-token and Why It Mattersto get a better sense of x-google-token.
Using a GTalk client in debug mode show it first does an HTTP authentication and then use the received x-google-token in the private SASL mechanism. In essence it's a two steps SSO.
Regards
Jean-Louis
Google token explained
Nolan,
You may want to check this The Mysteries of x-google-token and Why It Mattersto get a better sense of x-google-token.
Using a GTalk client in debug mode show it first does an HTTP authentication and then use the received x-google-token in the private SASL mechanism. In essence it's a two steps SSO.
Regards
Jean-Louis