Hi Claudio, million thanks!! Now it is working perfectly. Google must have changed something under the hood as adding the XOauth-Requestor has been working some weeks ago....
Thanks, Daniel On Sat, Feb 26, 2011 at 01:17, Claudio Cherubino <[email protected]>wrote: > Hi Daniel, > > The Provisioning API supports 3-legged OAuth for authentication, however > you don't have to add the xoauth_requestor_id parameter to the request. > This is a sample working request: > > *GET /a/feeds/mydomain.com/user/2.0 HTTP/1.1 > X-HostCommonName: apps-apis.google.com Authorization: OAuth > oauth_consumer_key="anonymous",oauth_signature_method="HMAC-SHA1",oauth_timestamp="1298679334",oauth_nonce="397029916",oauth_version="1.0",oauth_token="1%2FDS8tilsOPPPonW_QbQrQwjiYYztZBQtdE9SJ14PkOwU",oauth_signature="llxNAttxo1Ry2jN7SoR213nYO6k%3D" > Cookie: lang=enCookie2: $Version=1 Host:apps-apis.google.com > X-Forwarded-For: 10.244.130.239 X-Target-URI: https://apps-apis.google.com > Connection: Keep-Alive * > > Which returns the following response: > > *HTTP/1.1 200 OK > GData-Version: 1.0 X-Frame-Options: SAMEORIGIN Vary: Accept, > X-GData-Authorization, GData-Version Date: Sat, 26 Feb 2011 00:15:35 > GMTContent-Length:110500 > X-XSS-Protection: 1; mode=block Expires: Sat, 26 Feb 2011 00:15:35 > GMTLast-Modified:Thu, 01 Jan 1970 00:00:00 > GMTContent-Type:application/atom+xml; charset=UTF-8Server: > GSE X-Content-Type-Options: nosniff Cache-Control: private, max-age=0, > must-revalidate, no-transform > > <?xml version='1.0' encoding='UTF-8'?>... > > * > > This instead is a wrong request, i.e. the one with xoauth_requestor_id: > > *GET > /a/feeds/mydomain.com/user/[email protected]/1.1 > * > X-HostCommonName: apps-apis.google.com Authorization: OAuth > oauth_consumer_key="anonymous",oauth_signature_method="HMAC-SHA1",oauth_timestamp="1298679132",oauth_nonce="960917820",oauth_version="1.0",oauth_token="1%2FDS8tilsOPPPonW_QbQrQwjiYYztZBQtdE9SJ14PkOwU",oauth_signature="zcg9eShwoUyKlrQmATWsydJin9M%3D" > Cookie: lang=enCookie2: $Version=1 Host:apps-apis.google.com > X-Forwarded-For: 10.244.130.239 X-Target-URI: https://apps-apis.google.com > Connection: Keep-Alive > > Which returns the following response: > > *HTTP/1.1 401 API is secure. Needs security Credentials* > X-Frame-Options: SAMEORIGIN WWW-Authenticate: GoogleLogin realm=" > http://www.google.com/accounts/ClientLogin";, service="apps" Date:Sat, 26 > Feb 2011 00:12:12 GMT Content-Length: 179 X-XSS-Protection: 1; > mode=blockExpires:Sat, > 26 Feb 2011 00:12:12 GMT Content-Type: text/html; charset=UTF-8 > Connection: close Server:GSE X-Content-Type-Options: > nosniffCache-Control:private, max-age=0 > > <HTML><HEAD><TITLE>Unknown authorization header</TITLE></HEAD><BODY > BGCOLOR="#FFFFFF" TEXT="#000000"><H1>Unknown authorization > header</H1><H2>Error 401</H2></BODY></HTML> > > > Claudio > > > On Fri, Feb 25, 2011 at 3:22 AM, Daniel Florey <[email protected]>wrote: > >> Hi, >> can someone please elaborate if the provisioning API for 3-legged OAuth is >> supported? >> As stated in the docs it should be supported. I can grab a OAuth token for >> the "https://apps-apis.google.com/a/feeds/"; scope, but when accessing the >> groups feed, I get: >> >> >> com.google.gdata.util.AuthenticationException: OK >> <HTML> >> <HEAD> >> <TITLE>Unknown authorization header</TITLE> >> </HEAD> >> <BODY BGCOLOR="#FFFFFF" TEXT="#000000"> >> <H1>Unknown authorization header</H1> >> <H2>Error 401</H2> >> </BODY> >> </HTML> >> >> I'm adding the "xoauth_requestor_id" to the request. It works fine for all >> other GData API's so far. >> >> Any help would be appreciated, >> >> Daniel Florey >> >> OAuth for web applications >> >> Provisioning API service also supports 3-legged OAuth scheme for allowing >> web applications to manage users, nicknames, groups and organization units. >> TheOAuth guide <http://code.google.com/apis/accounts/docs/OAuth_ref.html> >> provides >> more information on how to obtain access tokens >> >> *OAuth scope parameter* >> >> https://apps-apis.google.com/a/feeds/ >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Google Apps Domain Information and Management APIs" group. >> To post to this group, send email to >> [email protected]. >> To unsubscribe from this group, send email to >> [email protected]. >> For more options, visit this group at >> http://groups.google.com/group/google-apps-mgmt-apis?hl=en. >> > > -- You received this message because you are subscribed to the Google Groups "Google Apps Domain Information and Management APIs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-apps-mgmt-apis?hl=en.
