Okay, really sorry. I had a bad cert - the public and private keys didn't match. Still, some more feedback, rather than just a 401 error, would be nice. Maybe this should be documented better.
On Nov 23, 2:15 pm, Dan Lowenthal <[email protected]> wrote:
> Also, the time on our server is correct.
>
> On Nov 23, 1:20 pm, Dan Lowenthal <[email protected]> wrote:
>
> > I'm developing an online patient portal for Clarkson Eyecare, and I am
> > having an issue with getting permanent session tokens.
>
> > I am attempting to send a request
> > to https://www.google.com/accounts/AuthSubSessionToken
> > using an auth token I obtained from this
> > page: https://www.google.com/h9/authsub?scope=https%3A%2F%2Fwww.google.com%...
>
> > (note: the "next" target is a development page - it's not open to the
> > public)
>
> > I get the temporary, one-time auth token in our "next" page just fine.
> > However, every time I try to use it (and signature information) to
> > request a session token, I get an error 401. The certificate
> > associated with the private key I'm using to generate the rsa-sha1
> > signature is definitely registered with our profile.
>
> > I am using PHP to try to submit the data to AuthSubSessionToken. I
> > used http://gdatatips.blogspot.com/2008/07/secure-authsub-in-php.html
> > as a reference (it is referenced in many of these forum discussions),
> > and my code does essentially the same thing. One thing I noticed was
> > that it uses md5 to generate the nonce - md5 creates 128-bit results
> > encoded in hex, NOT 64-bit base 10 integers (which the documentation
> > says it should be). That being said, using a 64-bit long doesn't seem
> > to work either. Since I can't seem to get a more descriptive error
> > message, I tried to dig through the forums to see if anyone else had
> > these same issues; if it's out there, I couldn't find it. Some people
> > got 401 errors, but they were usually either using the Java client or
> > Zend, and were usually issues finding or using the private key (which
> > I'm NOT having - the signature is generated just fine). I don't want
> > to install Zend just to do this one process that should be a fairly
> > straightforward cURL call.
>
> > Here's an example Authorization header line for the data that was
> > sent:
> > Authorization: AuthSub token="<auth token>"
> > data="GEThttps://www.google.com/accounts/AuthSubSessionToken1290539269
> > 7ee5fa7cea605049d1c49c57cf136924" sig="<signature>" sigalg="rsa-sha1"
> > with <auth token> and <signature> obviously filled in with real
> > values.
>
> > Thank you in advance for your help,
> > Dan

--
You received this message because you are subscribed to the Google Groups "Google Health Developers" group.
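Added example, not part of the thread or the poster's code: a PHP pre-flight check that catches the certificate/private-key mismatch described above before any request is sent, followed by signing with a decimal nonce. The function names, the placeholder token and the throwaway key pairs generated inline are assumptions made for illustration, as is the single-space separation of the `data` fields.

```php
<?php
// Returns null when the pair is usable, otherwise the reason it is not.
function authsub_keypair_problem(string $certPem, string $keyPem): ?string
{
    $key = openssl_pkey_get_private($keyPem);
    if ($key === false) {
        return 'private key could not be parsed';
    }
    $cert = openssl_x509_read($certPem);
    if ($cert === false) {
        return 'certificate could not be parsed';
    }
    // A signature made with a non-matching key still "generates just fine";
    // only this comparison shows that the server will be unable to verify it.
    if (!openssl_x509_check_private_key($cert, $key)) {
        return 'private key does not match the certificate public key';
    }
    return null;
}

// Builds the secure AuthSub header: data = method, URL, timestamp, nonce
// (space-separated here, an assumption), signed with RSA-SHA1.
function authsub_signed_header(string $token, string $method, string $url, string $keyPem): string
{
    $nonce = (string) random_int(0, PHP_INT_MAX); // decimal string, fits in 64 bits
    $data = sprintf('%s %s %d %s', $method, $url, time(), $nonce);
    if (!openssl_sign($data, $sig, $keyPem, OPENSSL_ALGO_SHA1)) {
        throw new RuntimeException('signing failed');
    }
    return sprintf('Authorization: AuthSub token="%s" data="%s" sig="%s" sigalg="rsa-sha1"',
        $token, $data, base64_encode($sig));
}

// Constructed sample material: a throwaway RSA key and self-signed certificate.
function make_pair(): array
{
    $key = openssl_pkey_new(['private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
    $csr = openssl_csr_new(['commonName' => 'example.invalid'], $key);
    $x509 = openssl_csr_sign($csr, null, $key, 30);
    openssl_x509_export($x509, $certPem);
    openssl_pkey_export($key, $keyPem);
    return [$certPem, $keyPem];
}

[$cert, $key] = make_pair();
[, $otherKey] = make_pair();          // key from a different pair
var_dump(authsub_keypair_problem($cert, $key));
var_dump(authsub_keypair_problem($cert, $otherKey));
echo authsub_signed_header('TOKEN_PLACEHOLDER', 'GET',
    'https://www.google.com/accounts/AuthSubSessionToken', $key), "\n";
```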
