Try turning on debugging in the library:
client.debug = True
Also make sure your machine is in sync with an NFS time server.
If your timestamp is off (e.g. in the future from what the Google
server's expect),
you'll receive an Invalid signature.
Eric
On Apr 21, 10:54 am, Chris Macksey <cmack...@gmail.com> wrote:
> Hi,
>
> I'm trying to use the Python secure AuthSub code in a Python/
> TurboGears app, but I'm getting an error when I attempt to upgrade
> from a single use to a session token.
>
> The relevant stack trace:
>
> >...
> > File
> > "/srv/virtual-envs/micard/lib/python2.5/site-packages/TurboGears-1.0.7-py2.
> > 5.egg/turbogears/identit
> >y/conditions.py", line 207, in require
> > return fn(self, *args, **kwargs)
> > File "/srv/MiHealthCard/Service/micardservice/imports/controller.py", line
> > 90, in ImportHook
> > importedData = provider.HandleImport(*args, **kwargs)
> > File
> > "/srv/MiHealthCard/Service/micardservice/imports/google/gdata_import.py",
> > line 475, in HandleImport
> > sessionToken = service.upgrade_to_session_token(token)
> > File "build/bdist.linux-i686/egg/gdata/service.py", line 890, in
> > upgrade_to_session_token
> > 'body': response_body})
> >TokenUpgradeFailed: ({'status': 401, 'body': '<HTML>\n<HEAD>\n<TITLE>Invalid
> >AuthSub signature.</TITLE>\n<
> >/HEAD>\n<BODY BGCOLOR="#FFFFFF" TEXT="#000000">\n<H1>Invalid AuthSub
> >signature.</H1>\n<H2>Error 401</H2>\n
> ></BODY>\n</HTML>\n', 'reason': 'Non 200 response on upgrade'}, <bound method
> >Root.default of <micardservic
> >e.controllers.Root object at 0xa87224c>>)
>
> I've uploaded the certificate using the Manage Domains tool, and
> passed the rsa_key to the secure authsub token; I've also tried
> several times just in case it was a weird token, but to no avail.
>
> It looks like it's getting AuthSub headers, I added some trace logic
> into the SecureAuthToken to dump the headers, and it usually gets
> something like:
>
> 'Content-Type': 'application/x-www-form-urlencoded',
> 'Authorization': u'AuthSub token="1/
> WlZYyzjNwquoGMEhRyruG2ATiaQZnWPB51nTvo8n9Sw"
> data="GEThttps://www.google.com/accounts/AuthSubSessionToken1240242612
> 11469930043126645228"
> sig="JDxtmhDDFERQihrFcPCMdbqNLQ2qyBM3zh3GjuiFTpS8Sp0RUN/
> XNL7dN7+2ntn2OIGZGjhkMa6YgMAIUcuK3LA1KQf2adU9zhNAT9DQsaITRpivhYeltn1aSpVg1T
> XO9xu3hwuFmzY757vW1cqGYkM5epXSvhcbMsddxF8T334="
> sigalg="rsa-sha1"'
>
> I'm at a bit of a loss at this point to know what's going wrong. The
> app works fine in non-secure mode.
>
> Thanks for any help!
>
> Chris Macksey
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Google Health Developers" group.
To post to this group, send email to googlehealthdevelopers@googlegroups.com
To unsubscribe from this group, send email to
googlehealthdevelopers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/googlehealthdevelopers?hl=en
-~----------~----~----~----~------~----~------~--~---
