Hi Paul,
also maybe this will help you,
i tried calling
String sessionToken = AuthSubUtil.exchangeForSessionToken("http",
"beta.lifeonkey.com", singleUseToken, getRsaKey()).ToString();
this doesn;t return an 401 error, it just returns null
Thanks,
Barry
On Apr 6, 8:26 am, barry <[email protected]> wrote:
> Hi Paul,
>
> It's still not working. same exception. I tried again with the oauth
> playground and its working perfectly.
>
> this is driving me crazy.
>
> Thanks,
> Barry
>
> On Apr 5, 9:33 pm, "Paul (Google)" <[email protected]> wrote:
>
> > Hi Barry,
>
> > I've tweaked your domain's entry in the H9 service directory. Could you
> > give it another try?
>
> > Paul
>
> > On Tue, Apr 5, 2011 at 5:18 AM, barry <[email protected]> wrote:
> > > Thanks Paul,
> > > Everything is working fine in the oauth playground now (I added the
> > > private key to the input)
>
> > > I'm still getting the error with exchangeForSessionToken
>
> > > I'm using the following code for getRSAkey()
>
> > > AsymmetricAlgorithm getRsaKey()
> > > {
> > > string fileName =
> > > ConfigurationManager.AppSettings["GoogleCert"];
>
> > > X509Store store = new X509Store("My",
> > > StoreLocation.LocalMachine);
> > > store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
>
> > > X509Certificate2 cert =
> > > store.Certificates.Find(X509FindType.FindBySubjectName,
> > > "beta.lifeonkey.com", false)[0];
>
> > > RSACryptoServiceProvider privateKey = cert.PrivateKey as
> > > RSACryptoServiceProvider;
> > > return privateKey;
> > > }
>
> > > its called from the method:
> > > String sessionToken =
> > > AuthSubUtil.exchangeForSessionToken(singleUseToken,
> > > getRsaKey()).ToString();
> > > where singleUseToken is the querystring["token"] returned from
> > > AuthSubUtil.getRequestUrl("https", "www.google.com",
> > > "/h9/authsub", reqUrl, "https://www.google.com/h9/
> > > feeds/", true, true);
>
> > > thanks,
>
> > > Barry
>
> > > On Apr 5, 12:27 pm, barry <[email protected]> wrote:
> > > > also, when testing the certificate form manage accounts, it works fine
>
> > > > On Apr 5, 8:58 am, barry <[email protected]> wrote:
>
> > > > > Hi Paul,
> > > > > thanks for the response.
>
> > > > > I only used the above as an example. the actual command i did for
> > > > > openssl is as follows:
>
> > > > > openssl req -x509 -nodes -days 365 -newkey rsa:1024 -sha1 -subj
> > > > > "/C=US/
> > > > > ST=NY/L=New York/CN=beta.lifeonkey.com" -keyout myBetaKey.pem -out
> > > > > myBetaCert.pem
>
> > > > > I uploaded the myBetaCert.pem to MyAccounts for the domain
> > > > > beta.lifeonkey.com
>
> > > > > when running the OAuth Playground I chose H9 for scope, RSA-SHA1 for
> > > > > signature method, and beta.lifeonkey.com for consumer key
>
> > > > > the request/response is as follows:
>
> > > > > GET /accounts/OAuthGetRequestToken?scope=https%3A%2F%2Fwww.google.com
> > > > > %2Fh9%2Ffeeds%2F HTTP/1.1
> > > > > Host:www.google.com
> > > > > Accept: */*
> > > > > Authorization: OAuth oauth_version="1.0",
> > > > > oauth_nonce="46089545738b1bf89a9b86899d7d28a2",
> > > > > oauth_timestamp="1301982083", oauth_consumer_key="beta.lifeonkey.com",
> > > > > oauth_signature_method="RSA-SHA1",
> > > > > oauth_signature="UQY9UkiQDtO3risyqBrAKSUbmc93p2o3tvYx7RQiVY15p
> > > > > %2B6r9pYqT4YPcgrEpdqhDNvePmJQzLgB6nwHlb9zkWeAyGsYu84r6yj
> > > > > %2BUjmWUucL0T8LjAhoz4wQLPAX3xq3q9B28HSMuJNMyBJrLjKAVRY7TNyvE3RhH9Jm
> > > > > %2B5JV%2F88%3D"
>
> > > > > HTTP/1.1 400 Bad Request
> > > > > Content-Type: text/plain; charset=UTF-8
> > > > > Date: Tue, 05 Apr 2011 05:41:23 GMT
> > > > > Expires: Tue, 05 Apr 2011 05:41:23 GMT
> > > > > Cache-Control: private, max-age=0
> > > > > X-Content-Type-Options: nosniff
> > > > > X-XSS-Protection: 1; mode=block
> > > > > Content-Length: 343
> > > > > Server: GSE
>
> > > > > signature_invalid
> > > > > base_string:GET&https%3A%2F%2Fwww.google.com%2Faccounts
> > > > > %2FOAuthGetRequestToken&oauth_consumer_key%3Dbeta.lifeonkey.com
> > > > > %26oauth_nonce
> > > > > %3D46089545738b1bf89a9b86899d7d28a2%26oauth_signature_method%3DRSA-
> > > > > SHA1%26oauth_timestamp%3D1301982083%26oauth_version%3D1.0%26scope
> > > > > %3Dhttps%253A%252F%252Fwww.google.com%252Fh9%252Ffeeds%252F
>
> > > > > I don't understand why the signature is invalid.
> > > > > What am i missing???
>
> > > > > Thanks,
> > > > > Barry
>
> > > > > On Apr 5, 5:00 am, "Paul (Google)" <[email protected]> wrote:
>
> > > > > > Hi Barry,
>
> > > > > > In case you haven't obfuscated your actual domain name in the
> > > > > > openssl
> > > > > > command you posted, you need to ensure that the CN in your
> > > certificate and
> > > > > > the domain you supply as part of the "next" URL when making the
> > > request for
> > > > > > the single-use token match.
>
> > > > > > To test that your certificate has been uploaded correctly to the
> > > Manage
> > > > > > Domains tool and that it matches your private key, you can use the
> > > OAuth
> > > > > > Playground.
>
> > > > > >http://googlecodesamples.com/oauth_playground/
>
> > > > > > In step 2, you can provide your own private key. The
> > > oauth_consumer_key is
> > > > > > the CN from your certificate. Otherwise, you can the default values
> > > for the
> > > > > > other settings.
>
> > > > > > Let us know how it goes!
>
> > > > > > Paul (Google)
>
> > > --
> > > You received this message because you are subscribed to the Google Groups
> > > "Google Health Developers" group.
> > > To post to this group, send email to
> > > [email protected].
> > > To unsubscribe from this group, send email to
> > > [email protected].
> > > For more options, visit this group at
> > >http://groups.google.com/group/googlehealthdevelopers?hl=en.
>
> > --
> > Developer Programs Engineer
> > Google Health
> > [email protected]
--
You received this message because you are subscribed to the Google Groups
"Google Health Developers" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/googlehealthdevelopers?hl=en.
