Thanks Paul,
Everything is working fine in the oauth playground now (I added the
private key to the input)
I'm still getting the error with exchangeForSessionToken
I'm using the following code for getRSAkey()
AsymmetricAlgorithm getRsaKey()
{
string fileName =
ConfigurationManager.AppSettings["GoogleCert"];
X509Store store = new X509Store("My",
StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
X509Certificate2 cert =
store.Certificates.Find(X509FindType.FindBySubjectName,
"beta.lifeonkey.com", false)[0];
RSACryptoServiceProvider privateKey = cert.PrivateKey as
RSACryptoServiceProvider;
return privateKey;
}
its called from the method:
String sessionToken =
AuthSubUtil.exchangeForSessionToken(singleUseToken,
getRsaKey()).ToString();
where singleUseToken is the querystring["token"] returned from
AuthSubUtil.getRequestUrl("https", "www.google.com",
"/h9/authsub", reqUrl, "https://www.google.com/h9/
feeds/", true, true);
thanks,
Barry
On Apr 5, 12:27 pm, barry <[email protected]> wrote:
> also, when testing the certificate form manage accounts, it works fine
>
> On Apr 5, 8:58 am, barry <[email protected]> wrote:
>
> > Hi Paul,
> > thanks for the response.
>
> > I only used the above as an example. the actual command i did for
> > openssl is as follows:
>
> > openssl req -x509 -nodes -days 365 -newkey rsa:1024 -sha1 -subj "/C=US/
> > ST=NY/L=New York/CN=beta.lifeonkey.com" -keyout myBetaKey.pem -out
> > myBetaCert.pem
>
> > I uploaded the myBetaCert.pem to MyAccounts for the domain
> > beta.lifeonkey.com
>
> > when running the OAuth Playground I chose H9 for scope, RSA-SHA1 for
> > signature method, and beta.lifeonkey.com for consumer key
>
> > the request/response is as follows:
>
> > GET /accounts/OAuthGetRequestToken?scope=https%3A%2F%2Fwww.google.com
> > %2Fh9%2Ffeeds%2F HTTP/1.1
> > Host:www.google.com
> > Accept: */*
> > Authorization: OAuth oauth_version="1.0",
> > oauth_nonce="46089545738b1bf89a9b86899d7d28a2",
> > oauth_timestamp="1301982083", oauth_consumer_key="beta.lifeonkey.com",
> > oauth_signature_method="RSA-SHA1",
> > oauth_signature="UQY9UkiQDtO3risyqBrAKSUbmc93p2o3tvYx7RQiVY15p
> > %2B6r9pYqT4YPcgrEpdqhDNvePmJQzLgB6nwHlb9zkWeAyGsYu84r6yj
> > %2BUjmWUucL0T8LjAhoz4wQLPAX3xq3q9B28HSMuJNMyBJrLjKAVRY7TNyvE3RhH9Jm
> > %2B5JV%2F88%3D"
>
> > HTTP/1.1 400 Bad Request
> > Content-Type: text/plain; charset=UTF-8
> > Date: Tue, 05 Apr 2011 05:41:23 GMT
> > Expires: Tue, 05 Apr 2011 05:41:23 GMT
> > Cache-Control: private, max-age=0
> > X-Content-Type-Options: nosniff
> > X-XSS-Protection: 1; mode=block
> > Content-Length: 343
> > Server: GSE
>
> > signature_invalid
> > base_string:GET&https%3A%2F%2Fwww.google.com%2Faccounts
> > %2FOAuthGetRequestToken&oauth_consumer_key%3Dbeta.lifeonkey.com
> > %26oauth_nonce
> > %3D46089545738b1bf89a9b86899d7d28a2%26oauth_signature_method%3DRSA-
> > SHA1%26oauth_timestamp%3D1301982083%26oauth_version%3D1.0%26scope
> > %3Dhttps%253A%252F%252Fwww.google.com%252Fh9%252Ffeeds%252F
>
> > I don't understand why the signature is invalid.
> > What am i missing???
>
> > Thanks,
> > Barry
>
> > On Apr 5, 5:00 am, "Paul (Google)" <[email protected]> wrote:
>
> > > Hi Barry,
>
> > > In case you haven't obfuscated your actual domain name in the openssl
> > > command you posted, you need to ensure that the CN in your certificate and
> > > the domain you supply as part of the "next" URL when making the request
> > > for
> > > the single-use token match.
>
> > > To test that your certificate has been uploaded correctly to the Manage
> > > Domains tool and that it matches your private key, you can use the OAuth
> > > Playground.
>
> > >http://googlecodesamples.com/oauth_playground/
>
> > > In step 2, you can provide your own private key. The oauth_consumer_key
> > > is
> > > the CN from your certificate. Otherwise, you can the default values for
> > > the
> > > other settings.
>
> > > Let us know how it goes!
>
> > > Paul (Google)
--
You received this message because you are subscribed to the Google Groups
"Google Health Developers" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/googlehealthdevelopers?hl=en.
