Hi Immad, Since the server errors aren't always super descriptive, can you also verify you requested the initial token with secure=1&session=1 and the public certificate you uploaded to the ManageDomains page is correct?
Cheers, -Jeff On Jun 25, 10:03 am, Immad <[EMAIL PROTECTED]> wrote: > I have tried every method I can imagine, including working from > several other peoples examples but I just can't get the signature on > secure requests working in ruby. > > I get the a "400 Bad Request error". Given that it is bad request I am > pretty sure my signature is being constructed incorrectly. Here is my > code given a specific data to sign: > > data = "GEThttps://www.google.com/accounts/AuthSubSessionToken > 1208475262 97612217129769266447" > key = OpenSSL::PKey::RSA.new(File.read("config/privkey.pem")) > sig = key.private_encrypt(Digest::SHA1::hexdigest(data)) > # at this stage the data looks all crazy: ""\225\037� ~ > \275 \225\211Dg\245I\261$\032u`\025�...." > sig = Base64.b64encode(sig.to_s) > > This gives sig as: "lR/ > mAX69wo2ViURnpUmxJBp1YBXiDTkCgtj9zTXMtjqYg8jnPg0g9FTw3pUt > \nfPVY3MPczOHcmF5NN5+UYuJbwpFMFZ2e+DZHn1gGE+XZznyNqY9tNg3szYAr > \n2okXUp5qYYnTvojiulpWQZqO2lNSo1eLmcNHSWO+79eZuJ1JQlE=\n" > > And my Header ends up being: > > "Authorization: AuthSub token=\"CKPrudSKERDWzqnw______8B\" sigalg= > \"rsa-sha1\" data=\"GEThttps://www.google.com/accounts/AuthSubSessionToken > 1208475262 97612217129769266447\" sig=\"lR/ > mAX69wo2ViURnpUmxJBp1YBXiDTkCgtj9zTXMtjqYg8jnPg0g9FTw3pUt > \nfPVY3MPczOHcmF5NN5+UYuJbwpFMFZ2e+DZHn1gGE+XZznyNqY9tNg3szYAr > \n2okXUp5qYYnTvojiulpWQZqO2lNSo1eLmcNHSWO+79eZuJ1JQlE=\n\"" > > This is what gives me a bad request. I have tried various different > ways of doing this, the other way of producing the rsa-sha1 signature > that I saw on the net was by changing sig to be: > > sig = key.sign(OpenSSL::Digest::SHA1.new, data) > > This ended up giving me base 64 encoded signature of: > "NkHzHLAk/PSoWf2Eie1N1DUrTXh6OtNgKl4wa9rLjeWI7Le3E0LNcvsvfRDj > \nYZ9skWLCVwmx45HxZqUSRp/06Upr9MP9oeDCPgLR35CmoVTpQFrdzD5ODt7y > \nSQuEYDn81D1vngMBJHivLjVMZDPTVyzO0xZaTb4pAkEGph/jApM=\n" > > Not sure why that should be different, but I can't quite find any > documentation on what exactly the sign method does. > > Either way given that I am getting bad request back, I am guessing > this is a fundamental difference between what Google Authsub API > expects and what ruby is through out. > > This is with ruby 1.8.5. Running under Rails 1.2.6 (if that's > relevant) > > Thanks in advance, > Immad --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Data Protocol" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/google-help-dataapi?hl=en -~----------~----~----~----~------~----~------~--~---
