[tgasson]

This is great for prototypes but there's an edge case that breaks it's usefulness in live sites.

Sometimes google will make already logged in users reauthenticate. It will redirect to the authentication page and you'll get a bunch of HTML rather than json returned, and the user won't know why it's not working.

[jzwinck]

The URL has "public" in it; are you sure Google requires authentication at all for this?

[tgasson]

Yes I have run into this issue myself. It is a public resource, if you're not logged in at all its fine or if you're recently logged in its fine.

It's the same reauth you sometimes get when visiting a public blogger site. It is an edge case, but quite unpredictable and hard to track down from client reports.