Hi Paul, It's still not working. same exception. I tried again with the oauth playground and its working perfectly.
this is driving me crazy. Thanks, Barry On Apr 5, 9:33 pm, "Paul (Google)" <[email protected]> wrote: > Hi Barry, > > I've tweaked your domain's entry in the H9 service directory. Could you > give it another try? > > Paul > > > > On Tue, Apr 5, 2011 at 5:18 AM, barry <[email protected]> wrote: > > Thanks Paul, > > Everything is working fine in the oauth playground now (I added the > > private key to the input) > > > I'm still getting the error with exchangeForSessionToken > > > I'm using the following code for getRSAkey() > > > AsymmetricAlgorithm getRsaKey() > > { > > string fileName = > > ConfigurationManager.AppSettings["GoogleCert"]; > > > X509Store store = new X509Store("My", > > StoreLocation.LocalMachine); > > store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly); > > > X509Certificate2 cert = > > store.Certificates.Find(X509FindType.FindBySubjectName, > > "beta.lifeonkey.com", false)[0]; > > > RSACryptoServiceProvider privateKey = cert.PrivateKey as > > RSACryptoServiceProvider; > > return privateKey; > > } > > > its called from the method: > > String sessionToken = > > AuthSubUtil.exchangeForSessionToken(singleUseToken, > > getRsaKey()).ToString(); > > where singleUseToken is the querystring["token"] returned from > > AuthSubUtil.getRequestUrl("https", "www.google.com", > > "/h9/authsub", reqUrl, "https://www.google.com/h9/ > > feeds/", true, true); > > > thanks, > > > Barry > > > On Apr 5, 12:27 pm, barry <[email protected]> wrote: > > > also, when testing the certificate form manage accounts, it works fine > > > > On Apr 5, 8:58 am, barry <[email protected]> wrote: > > > > > Hi Paul, > > > > thanks for the response. > > > > > I only used the above as an example. the actual command i did for > > > > openssl is as follows: > > > > > openssl req -x509 -nodes -days 365 -newkey rsa:1024 -sha1 -subj "/C=US/ > > > > ST=NY/L=New York/CN=beta.lifeonkey.com" -keyout myBetaKey.pem -out > > > > myBetaCert.pem > > > > > I uploaded the myBetaCert.pem to MyAccounts for the domain > > > > beta.lifeonkey.com > > > > > when running the OAuth Playground I chose H9 for scope, RSA-SHA1 for > > > > signature method, and beta.lifeonkey.com for consumer key > > > > > the request/response is as follows: > > > > > GET /accounts/OAuthGetRequestToken?scope=https%3A%2F%2Fwww.google.com > > > > %2Fh9%2Ffeeds%2F HTTP/1.1 > > > > Host:www.google.com > > > > Accept: */* > > > > Authorization: OAuth oauth_version="1.0", > > > > oauth_nonce="46089545738b1bf89a9b86899d7d28a2", > > > > oauth_timestamp="1301982083", oauth_consumer_key="beta.lifeonkey.com", > > > > oauth_signature_method="RSA-SHA1", > > > > oauth_signature="UQY9UkiQDtO3risyqBrAKSUbmc93p2o3tvYx7RQiVY15p > > > > %2B6r9pYqT4YPcgrEpdqhDNvePmJQzLgB6nwHlb9zkWeAyGsYu84r6yj > > > > %2BUjmWUucL0T8LjAhoz4wQLPAX3xq3q9B28HSMuJNMyBJrLjKAVRY7TNyvE3RhH9Jm > > > > %2B5JV%2F88%3D" > > > > > HTTP/1.1 400 Bad Request > > > > Content-Type: text/plain; charset=UTF-8 > > > > Date: Tue, 05 Apr 2011 05:41:23 GMT > > > > Expires: Tue, 05 Apr 2011 05:41:23 GMT > > > > Cache-Control: private, max-age=0 > > > > X-Content-Type-Options: nosniff > > > > X-XSS-Protection: 1; mode=block > > > > Content-Length: 343 > > > > Server: GSE > > > > > signature_invalid > > > > base_string:GET&https%3A%2F%2Fwww.google.com%2Faccounts > > > > %2FOAuthGetRequestToken&oauth_consumer_key%3Dbeta.lifeonkey.com > > > > %26oauth_nonce > > > > %3D46089545738b1bf89a9b86899d7d28a2%26oauth_signature_method%3DRSA- > > > > SHA1%26oauth_timestamp%3D1301982083%26oauth_version%3D1.0%26scope > > > > %3Dhttps%253A%252F%252Fwww.google.com%252Fh9%252Ffeeds%252F > > > > > I don't understand why the signature is invalid. > > > > What am i missing??? > > > > > Thanks, > > > > Barry > > > > > On Apr 5, 5:00 am, "Paul (Google)" <[email protected]> wrote: > > > > > > Hi Barry, > > > > > > In case you haven't obfuscated your actual domain name in the openssl > > > > > command you posted, you need to ensure that the CN in your > > certificate and > > > > > the domain you supply as part of the "next" URL when making the > > request for > > > > > the single-use token match. > > > > > > To test that your certificate has been uploaded correctly to the > > Manage > > > > > Domains tool and that it matches your private key, you can use the > > OAuth > > > > > Playground. > > > > > >http://googlecodesamples.com/oauth_playground/ > > > > > > In step 2, you can provide your own private key. The > > oauth_consumer_key is > > > > > the CN from your certificate. Otherwise, you can the default values > > for the > > > > > other settings. > > > > > > Let us know how it goes! > > > > > > Paul (Google) > > > -- > > You received this message because you are subscribed to the Google Groups > > "Google Health Developers" group. > > To post to this group, send email to > > [email protected]. > > To unsubscribe from this group, send email to > > [email protected]. > > For more options, visit this group at > >http://groups.google.com/group/googlehealthdevelopers?hl=en. > > -- > Developer Programs Engineer > Google Health > [email protected] -- You received this message because you are subscribed to the Google Groups "Google Health Developers" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/googlehealthdevelopers?hl=en.
