Ok, so it seems like google is generating a 32 character hex string. Can i just generate a random string uses 0-9,a-f?
That produces this: me: base string: GET&https%3A%2F%2Fwww.google.com %2Fm8%2Ffeeds%2Fcontacts%2Fdefault%2Ffull%2F&oauth_consumer_key%3Dtesturl.com%26oauth_nonce%3Db5ffd09d1c71ab5c98cdd89943e7262a%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1311278659%26oauth_token%3D1%252FxvGgT4uc8TX2WZPOwxRjObwhpwTxnWTsbZzMXmIeOZk%26oauth_version%3D1.0 google: base string: GET&https%3A%2F%2Fwww.google.com %2Fm8%2Ffeeds%2Fcontacts%2Fdefault%2Ffull%2F&oauth_consumer_key%3Dtesturl.com%26oauth_nonce%3Db1403f30b2aa6ab33420f9f6cf5f318d%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1311278571%26oauth_token%3D1%252FSl3VnS7c8ieAQdQzCBqOiY67buOFDVbF0iQWNCExb_Q%26oauth_version%3D1.0 me URL: /m8/feeds/contacts/default/full/?oauth_version=1.0&oauth_nonce=b5ffd09d1c71ab5c98cdd89943e7262a&oauth_timestamp=1311278659&oauth_consumer_key= testurl.com &oauth_token=1%2FxvGgT4uc8TX2WZPOwxRjObwhpwTxnWTsbZzMXmIeOZk&oauth_signature_method=HMAC-SHA1&oauth_signature=5NhjXcmlZjIUwuBtpc63%2B9YTJZc%3D google URL: /m8/feeds/contacts/default/full/?oauth_version=1.0&oauth_nonce=b1403f30b2aa6ab33420f9f6cf5f318d&oauth_timestamp=1311278571&oauth_consumer_key= testurl.com&oauth_token=1%2FSl3VnS7c8ieAQdQzCBqOiY67buOFDVbF0iQWNCExb_Q&oauth_signature_method=HMAC-SHA1&oauth_signature=uFJ795dJ54BtltgcC8h3mfxth7c%3D HTTP/1.1 Still the same 401 error. -Jeff On Thu, Jul 21, 2011 at 10:30 AM, Alain Vongsouvanh <[email protected]>wrote: > Hello Jeff, > > You can find more information about OAuth parameter in the reference > guide<http://code.google.com/apis/accounts/docs/OAuth_ref.html#RequestToken>. > The oauth_nonce parameter needs to be "a random 64 bit, unsigned number > encoded as an ASCII string in decimal format" which means that your value is > indeed too short. > > Best, > Alain > > On Wed, Jul 20, 2011 at 2:42 PM, Jeff Gladnick <[email protected]>wrote: > >> Progress: >> >> I now have a valid auth token returning an oauth_token/oauth_token_secret. >> >> >> I am trying to use it to get my list of contacts, and I am using the >> sandbox request/base string as a guide. >> >> BASE STRING >> >> my app: >> GET&https%3A%2F%2Fwww.google.com >> %2Fm8%2Ffeeds%2Fcontacts%2Fdefault%2Ffull%2F&oauth_consumer_key%3Dtesturl.com%26oauth_nonce%3D9520399%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1311197884%26oauth_token%3D1%252F4iDOsg0nwKVDto9HHIXGmM3UkNJRnMOyfbW32GLH0P4%26oauth_version%3D1.0 >> >> sandbox: base string: >> GET&https%3A%2F%2Fwww.google.com >> %2Fm8%2Ffeeds%2Fcontacts%2Fdefault%2Ffull%2F&oauth_consumer_key%3Dtesturl.com%26oauth_nonce%3D7c55b40f5e53d4fe136aca0cf3eafa76%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1311196977%26oauth_token%3D1%252FTG-_6OgZrQndDfhy6C2NIAnj-2xWVv8zFYcwBYBU2LQ%26oauth_version%3D1.0 >> >> >> >> REQUEST >> >> my app: >> GET >> /m8/feeds/contacts/default/full/?oauth_version=1.0&oauth_nonce=59962&oauth_timestamp=1311197884&oauth_consumer_key= >> testurl >> .com&oauth_token=1%2F4iDOsg0nwKVDto9HHIXGmM3UkNJRnMOyfbW32GLH0P4&oauth_signature_method=HMAC-SHA1&oauth_signature=Ou9gXF8gNsJSaGfErjA6PGZ7WJA%3D >> >> sandbox: >> GET >> /m8/feeds/contacts/default/full/?oauth_version=1.0&oauth_nonce=42857dfcede9967828bc0c67b96de05c&oauth_timestamp=1311197215&oauth_consumer_key= >> testurl.com&oauth_token=1%2FTG-_6OgZrQndDfhy6C2NIAnj-2xWVv8zFYcwBYBU2LQ&oauth_signature_method=HMAC-SHA1&oauth_signature=QyBLq4I88dDSF0QMZSfmnwdZVlw%3D >> HTTP/1.1 >> >> >> The only difference is the nonce I am generating is way shorter. Does >> this even matter? >> >> -Jeff >> >> >> >> On Wed, Jul 20, 2011 at 3:02 PM, Jeff Gladnick >> <[email protected]>wrote: >> >>> Here is more detail: >>> >>> In my application, the request made to the "grant permission page" >>> (oauthauthorizetoken) is th is: >>> >>> >>> https://www.google.com/accounts/OAuthAuthorizeToken?oauth_token=4%2FS-FrXuMVTyKPtt8qfHzXimksvLJF&hd=default&oauth_callback=http%3A%2F%2Fsportsbuzz%2Elocal%2Fgoogle2%2Ecfm%3Fkey%3Dgtesturl%2Ecom%26secret%3DcEdJDfn31Z3LC%5FAw4gQZ4tnL%26token%3D4%252FS%2DFrXuMVTyKPtt8qfHzXimksvLJF%26token%5Fsecret%3D%2DXYXU7huypvUvnN6MBHMJwOt%26endpoint%3Dhttps%253A%252F%252Fwww%252Egoogle%252Ecom%252Faccounts%252FOAuthAuthorizeToken >>> >>> >>> In the sandbox, it looks like this: >>> >>> https://www.google.com/accounts/OAuthAuthorizeToken?oauth_token=4%2F3jeTnCv32JYRebIdcw53Odn9ldJh&hd=default<https://www.google.com/accounts/OAuthAuthorizeToken?oauth_token=4%2F3jeBnCv22JkRebIdcw53Odn9ldJh&hd=default> >>> >>> -Jeff >>> >>> >>> >>> On Wed, Jul 20, 2011 at 2:59 PM, Jeff Gladnick >>> <[email protected]>wrote: >>> >>>> More updates, I can get it working with the playground app. The main >>>> difference is that I am not getting back an oauth_verifier url param after >>>> the client grants access.... >>>> >>>> -Jeff >>>> >>>> >>>> >>>> On Wed, Jul 20, 2011 at 2:10 PM, Jeff Gladnick <[email protected] >>>> > wrote: >>>> >>>>> Also, when i hit the "available feeds" button, 403 error. >>>>> >>>>> -Jeff >>>>> >>>>> >>>>> >>>>> On Wed, Jul 20, 2011 at 2:08 PM, Jeff Gladnick < >>>>> [email protected]> wrote: >>>>> >>>>>> Ok, this seems to work in the oauth playground when i try with blogger >>>>>> using: >>>>>> >>>>>> scope: >>>>>> https://www.blogger.com/feeds/ >>>>>> >>>>>> and in (6 Use the token) where I enter the feed: >>>>>> >>>>>> http://www.blogger.com/feeds/1982051675575479214/posts/default?max-results=3 >>>>>> >>>>>> That works! >>>>>> >>>>>> But when I try with contacts: >>>>>> >>>>>> scope: >>>>>> https://www.google.com/m8/feeds/ >>>>>> >>>>>> and in (6 Use the token) where I enter the feed: >>>>>> https://www.google.com/m8/feeds/contacts/default/full >>>>>> >>>>>> Token invalid - Invalid AuthSub token. >>>>>> >>>>>> -Jeff >>>>>> >>>>>> >>>>>> >>>>>> On Wed, Jul 20, 2011 at 1:31 PM, Jeff Gladnick < >>>>>> [email protected]> wrote: >>>>>> >>>>>>> >>>>>>>>> You should aslo consider using OAuth >>>>>>>>> Playground<http://googlecodesamples.com/oauth_playground/>to debug >>>>>>>>> your code and understand how to generate base signature input and >>>>>>>>> sign requests. >>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>> Is there a tutorial anywhere you would recommend on how to use this. >>>>>>> I'm plugging in my data but still getting the same 401 error. I must >>>>>>> be >>>>>>> doing something wrong. >>>>>>> >>>>>> >>>>>> >>>>> >>>> >>> >> -- >> You received this message because you are subscribed to the Google >> Groups "Google Contacts, Shared Contacts and User Profiles APIs" group. >> To post to this group, send email to >> [email protected] >> To unsubscribe from this group, send email to >> [email protected] >> For more options, visit this group at >> http://code.google.com/apis/contacts/community/forum.html >> > > > > -- > Alain Vongsouvanh > > > > -- > You received this message because you are subscribed to the Google > Groups "Google Contacts, Shared Contacts and User Profiles APIs" group. > To post to this group, send email to > [email protected] > To unsubscribe from this group, send email to > [email protected] > For more options, visit this group at > http://code.google.com/apis/contacts/community/forum.html > -- You received this message because you are subscribed to the Google Groups "Google Contacts, Shared Contacts and User Profiles APIs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://code.google.com/apis/contacts/community/forum.html
