Did you see this example
http://oauth.googlecode.com/svn/code/java/example/oauth-provider/ ?
HTH,
Rob
On Mon, Oct 12, 2009 at 2:19 AM, Anuradha Thota anuradha.th...@gmail.comwrote:
Hi,
Iam trying to implement a sample oauth consumer(plain java) and a
service provider(servlet).
In my client
I would like to leverage OAuth without having to hit a database to validate
each request. In addition, I would like to avoid using public key's since
the performance is slower and distribution of the public keys can be
difficult. These requirements have led me to investigating the OAuth Session
When using this library you can use an OAuthValidator implementation, like
SimpleOAuthValidator, to check the signature, timestamp, nounce. An
example of it being used can be found in the EchoServlet on line 52
SampleOAuthProvider.VALIDATOR.validateMessage(requestMessage, accessor);
[1]. More
I would consider using a library that already does this for you. There are
three things that MAY cause you problems.
1) What is the value of the key that you are passing in? The key to sign
should be oauthParamEncode(consumerSecret) + +
oauthParamEncode(tokenSecret). I define oauthParamEncode as
] http://developer.yahoo.com/oauth/guide/oauth-auth-flow.html
On Thu, Oct 15, 2009 at 3:17 PM, Allen Tom a...@yahoo-inc.com wrote:
Robert Winch wrote:
I would like to leverage OAuth without having to hit a database to
validate each request. In addition, I would like to avoid using public key's
As John pointed out you should not set the accessToken to you should
leave it null. I believe if you change this it will fix your problem. Two
legged OAuth does not specify the access token on the request (since access
token is never requested) [1]. I think the error you are seeing occurs since
Sorry I believe you are correct that the EchoServlet is currently written to
only support 3-Legged OAuth. I think by changing the EchoServlet in the
following ways it should support 2-Legged.
1) Instead of
OAuthAccessor accessor = SampleOAuthProvider.getAccessor(requestMessage);
Use
final
Sorry to keep at this, but I am attempting to figure out the best way to go
about doing 2-Legged OAuth with the Session Extension. My goal is still the
same in that I wish to avoid using a database to validate requests. I also
would like credentials to be short lived. Both of these goals can be
(user enters username and password on google
website).
Is there a way to query what is the username/email used to login ?
many thanks
On Nov 13, 1:17 am, Robert Winch rwi...@gmail.com wrote:
The access token to user relationship should be stored within the
application that requested
.
Allen
Robert Winch wrote:
Sorry to keep at this, but I am attempting to figure out the best way to
go about doing 2-Legged OAuth with the Session Extension. My goal is still
the same in that I wish to avoid using a database to validate requests. I
also would like credentials to be short
If I understand correctly, you are attempting to register your web
application with Google to create a consumer key and secret? The application
is running on your local machine and so after adding the verification file
to localhost you tell google to verify the file exists. Upon doing so you
get
According to the OAuth spec a 400 occurs when a Service Provider rejects a
Consumer Request. Some of the examples they outline are Unsupported
parameter, Unsupported signature method, Missing required parameter, ...
Since the code is working against another provider I'd consult the doc for
this
12 matches
Mail list logo