Hello,
Thank you for your post -- It appears there is an error in the
documentation.
The right way to make this transition is:
1. register
2. wait for confirmation
3. start signing requests
4. start requesting secure=1 tokens
You can sign insecure tokens as long as your key is on file.
I'm filing a bug to have the documentation updated. Please let me
know if you have any further questions.
Cheers,
-Ryan
On Mar 15, 7:33 pm, "taresh" <[EMAIL PROTECTED]> wrote:
> Any updates? I am seeing the same issue.
>
> Per the documentation,
> You don't need to wait until getting Google confirmation to start
> signing requests, however; it is okay to sign requests with insecure
> tokens, the signatures will be ignored.
>
> However, I am getting a "signature is invalid" response when I call
> AuthSubUtil.exchangeForSessionToken.
>
> Here is my code. I generated the key using keytool with the
> parameters specified on the gdata help pages.
>
> GoogleService service = new GoogleService("blogger", "xxx-yyy-
> versionID");
> String url = AuthSubUtil.getRequestUrl("https://xxx";,
> "http://www.blogger.com/feeds";, false, true);
>
> java.security.PrivateKey privateKey =
> AuthSubUtil.getPrivateKeyFromKeystore("AuthSubExample.jks",
> "changeme",
> "AuthSubExample",
> "changeme");
>
> System.out.println(url);
> System.out.println("Enter one-time token");
> DataInputStream in = new DataInputStream(System.in);
> String oneTimeToken = in.readLine();
> String newToken =
> AuthSubUtil.exchangeForSessionToken(oneTimeToken, privateKey);
> System.out.print("New token: ");
> System.out.println(newToken);
>
> On Mar 7, 9:38 am, "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>
> wrote:
>
> > Hi Ryan,
>
> > In step, 'secure=1' is passed and the yellow warning is not displayed
> > on the page. I assume this would mean the webapp has been registered
> > successfully.
>
> > With regards to the Java Client Library, I checked the files in the
> > downloaded jar but did not find the version number. However, the
> > readme.txt file at the root of gdata jar has a date of November 30,
> > 2006.
>
> > I'm pasting below the auth header that the client library is sending
> > (captured by invoking AuthSubUtil.formAuthorizationHeader()).
>
> > AuthSub token="OnetimeUseToken"
> > data="GEThttps://www.google.com/accounts/AuthSubTokenInfo
> > 1173284488 14041690465791330324" sig="WIFR
> > +mvI39StCr0eOvHIXjb3hGwQJCsjzfWXp6Z9vn1m0Py/
> > ItI0ZXYb3TR3bRKKw6p8JVDaJGi5q/8aqdJnvUkEh9E39q1BN0lb2krvYrsX8D/wvmF0+u
> > +9WS23n7P6MlTHTiLhyehn14ne+Uy/u7+bRbmJ/WTV1ezrCSStkM0=" sigalg="rsa-
> > sha1"
>
> > Appreciate your help!
>
> > Cheers,
> > Abbas
>
> > On Mar 6, 7:03 pm, "Ryan Boyd (Google)" <[EMAIL PROTECTED]> wrote:
>
> > > Hi Abbas,
>
> > > No problem -- it's good news that your time is synchronized.
>
> > > In step #3, where the user grants access to your site-- have you verified
> > > that 'secure=0' is passed in the URL and the page does not contain the
> > > yellow warning box?
>
> > > Also, what version of the Java Client library are you using? Can you send
> > > me an example Authorization header which it is generating? (with the token
> > > value changed, of course). This header should include the URL for the
> > > feed
> > > (it's fine if you want to obfuscate the particular calendar.. I'm just
> > > looking for as much information as possible so that I can recreate the
> > > issue
> > > you're experiencing)
>
> > > I'm not aware of any others having issues using secured authsub from the
> > > java client library, but I'll gladly look into this further so we can
> > > find a
> > > solution for you.
>
> > > Cheers,
>
> > > -Ryan
>
> > > On 3/6/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
>
> > > > Hi Ryan,
>
> > > > Thanks for your time and help. My server is synchronized with an NTP
> > > > server. Is there anything else that I can look for?
>
> > > > Cheers,
> > > > Abbas
>
> > > > On Mar 6, 11:08 am, "Ryan Boyd (Google)" <[EMAIL PROTECTED]> wrote:
> > > > > Hi Abbas,
>
> > > > > Your process looks good. Can you please check the date/time setting
> > > > > on
> > > > your
> > > > > server? Is it synchronized to some good NTP servers? If you are
> > > > > using
> > > > the
> > > > > client library, this is probably the biggest problem that would not be
> > > > > code-dependent. A timestamp is part of the signature and, if far off,
> > > > you
> > > > > will get a 401.
>
> > > > > Cheers,
>
> > > > > -Ryan
>
> > > > > On 3/6/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
>
> > > > > > Hi All,
>
> > > > > > I am trying to request a secure session token for the calender feed.
> > > > > > My request returns a 'Signature is invalid' exception. Here is what
> > > > > > I
> > > > > > did.
>
> > > > > > 1. Registered my webapp online with a .pem certificate.
> > > > > > 2. User logged into my webapp and got redirected to authsub page.
> > > > > > 3. User grants access and my webapp gets a single use token.
> > > > > > 4. The webapp makes an api call through gdata java client library to
> > > > > > get the secure token: AuthSubUtil.exchangeForSessionToken(token,
> > > > > > privKey). The private key is passed to the gdata library for signing
> > > > > > the request. I checked the auth header to see if all the required
> > > > > > data
> > > > > > is present and all seemed to be good.
> > > > > > 5. The service responds with the following exception.
> > > > > > com.google.gdata.util.AuthenticationException: 401: Signature is
> > > > > > invalid
> > > > > > at
> > > > > > com.google.gdata.client.http.AuthSubUtil.exchangeForSessionToken
> > > > (Unknown
> > > > > > Source)
> > > > > > at
> > > > > > com.google.gdata.client.http.AuthSubUtil.exchangeForSessionToken
> > > > (Unknown
> > > > > > Source)
>
> > > > > > Did anybody face such an issue? Appreciate any help.
>
> > > > > > Thanks,
> > > > > > Abbas
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Google Calendar Data API" group.
To post to this group, send email to
[email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/google-calendar-help-dataapi?hl=en
-~----------~----~----~----~------~----~------~--~---
