I've tried that yesterday, it seems to be using the older 1.0 version, not 1.0a as the callback is not specified and acknowledged in the request token dialog. The docs (http://code.google.com/apis/accounts/docs/OAuth.html#tokensCallback and others) say that oauth_callback should now be specified in the request token request as described in the OAuth 1.0a spec.
Can someone from Google comment on this, please? Andy On Jun 14, 2010, at 9:34 PM, gilad wrote: > you can test your oauth implementation here: > http://googlecodesamples.com/oauth_playground/ > > lets you set the fields and the google service to authenticate against > and see the request values > > Gilad > > On Jun 14, 6:22 pm, Andras Ketskes <[email protected]> wrote: >>>>> On Mon, Jun 14, 2010 at 5:10 AM, AndyBT <[email protected]> wrote: >>>>> Hi, >> >>>>> I've been trying to get H9 working with our site's OAuth stack, but >>>>> the browser is not redirected back to our site when the token is >>>>> authorized. It is redirected to the main screen of H9 (https:// >>>>> h9.google.com/h9/p/) instead. The very same OAuth implementation works >>>>> fine with Twitter (and a number of other sites) and I don't see >>>>> anything wrong with the requests either. Do you have any idea what the >>>>> problem might be? >>>>> Please see the request below. I have tried it with a non-localhost >>>>> callback URI, but got the same results. >> >>>>> Andy >> >>>>> REQUEST TOKEN: >>>>> GET /accounts/OAuthGetRequestToken?scope=https%3A%2F%2Fwww.google.com >>>>> %2Fh9%2Ffeeds%2F&secure=0 >>>>> Host:www.google.com >>>>> Accept: application/x-www-form-urlencoded >>>>> Authorization: OAuth oauth_callback="https%3A%2F%2Flocalhost >>>>> %3A8181%2FBodyTrace%2Foauth.html", >>>>> oauth_signature="WvFoIjoatdeQ2edwcTMRm4xO1%2BI%3D", >>>>> oauth_version="1.0", oauth_nonce="25357458- >>>>> df48-4c2e-8500-95269078a030", oauth_signature_method="HMAC-SHA1", >>>>> oauth_consumer_key="www.bodytrace.com", oauth_timestamp="1276515738" >>>>> === >>>>> 200 OK >>>>> Date: Mon, 14 Jun 2010 11:42:18 GMT >>>>> Content-Length: 118 >>>>> Expires: Mon, 14 Jun 2010 11:42:18 GMT >>>>> X-XSS-Protection: 1; mode=block >>>>> Alternate-Protocol: 443:npn-spdy/1 >>>>> Content-Type: text/plain; charset=UTF-8 >>>>> Server: GSE >>>>> Cache-Control: private, max-age=0 >>>>> X-Content-Type-Options: nosniff >>>>> oauth_token=CIPR97-oEhDQlquC- >>>>> _____8BGLfFo5gD&oauth_token_secret=EnNXym2dpZD05jWiLY6zQBii&oauth_callback_ >>>>> confirmed=true >> >>>>> URI WE REDIRECT TO AUTHORIZE: >>>>> https://www.google.com/accounts/OAuthAuthorizeToken?oauth_token=CIPR9... >> >>>>> URI OF AUTHORIZATION PAGE IN BROWSER: >>>>> https://h9.google.com/h9/oauth?oauth_token=CIPR97-oEhDQlquC-_____8BGL... -- You received this message because you are subscribed to the Google Groups "Google Health Developers" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/googlehealthdevelopers?hl=en.
