I also tried generating unique nonces for the base string and request, that also didnt work
-Jeff On Thu, Jul 21, 2011 at 2:07 PM, Jeff Gladnick <[email protected]>wrote: > Ok, so it seems like google is generating a 32 character hex string. Can i > just generate a random string uses 0-9,a-f? > > That produces this: > > > me: base string: > GET&https%3A%2F%2Fwww.google.com > %2Fm8%2Ffeeds%2Fcontacts%2Fdefault%2Ffull%2F&oauth_consumer_key%3Dtesturl.com%26oauth_nonce%3Db5ffd09d1c71ab5c98cdd89943e7262a%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1311278659%26oauth_token%3D1%252FxvGgT4uc8TX2WZPOwxRjObwhpwTxnWTsbZzMXmIeOZk%26oauth_version%3D1.0 > > google: base string: > GET&https%3A%2F%2Fwww.google.com > %2Fm8%2Ffeeds%2Fcontacts%2Fdefault%2Ffull%2F&oauth_consumer_key%3Dtesturl.com%26oauth_nonce%3Db1403f30b2aa6ab33420f9f6cf5f318d%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1311278571%26oauth_token%3D1%252FSl3VnS7c8ieAQdQzCBqOiY67buOFDVbF0iQWNCExb_Q%26oauth_version%3D1.0 > > me URL: > > /m8/feeds/contacts/default/full/?oauth_version=1.0&oauth_nonce=b5ffd09d1c71ab5c98cdd89943e7262a&oauth_timestamp=1311278659&oauth_consumer_key= > testurl.com > &oauth_token=1%2FxvGgT4uc8TX2WZPOwxRjObwhpwTxnWTsbZzMXmIeOZk&oauth_signature_method=HMAC-SHA1&oauth_signature=5NhjXcmlZjIUwuBtpc63%2B9YTJZc%3D > > google URL: > > /m8/feeds/contacts/default/full/?oauth_version=1.0&oauth_nonce=b1403f30b2aa6ab33420f9f6cf5f318d&oauth_timestamp=1311278571&oauth_consumer_key= > testurl.com&oauth_token=1%2FSl3VnS7c8ieAQdQzCBqOiY67buOFDVbF0iQWNCExb_Q&oauth_signature_method=HMAC-SHA1&oauth_signature=uFJ795dJ54BtltgcC8h3mfxth7c%3D > HTTP/1.1 > > > Still the same 401 error. > > -Jeff > > > > On Thu, Jul 21, 2011 at 10:30 AM, Alain Vongsouvanh <[email protected]>wrote: > >> Hello Jeff, >> >> You can find more information about OAuth parameter in the reference >> guide<http://code.google.com/apis/accounts/docs/OAuth_ref.html#RequestToken>. >> The oauth_nonce parameter needs to be "a random 64 bit, unsigned number >> encoded as an ASCII string in decimal format" which means that your value is >> indeed too short. >> >> Best, >> Alain >> >> On Wed, Jul 20, 2011 at 2:42 PM, Jeff Gladnick >> <[email protected]>wrote: >> >>> Progress: >>> >>> I now have a valid auth token returning an >>> oauth_token/oauth_token_secret. >>> >>> I am trying to use it to get my list of contacts, and I am using the >>> sandbox request/base string as a guide. >>> >>> BASE STRING >>> >>> my app: >>> GET&https%3A%2F%2Fwww.google.com >>> %2Fm8%2Ffeeds%2Fcontacts%2Fdefault%2Ffull%2F&oauth_consumer_key%3Dtesturl.com%26oauth_nonce%3D9520399%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1311197884%26oauth_token%3D1%252F4iDOsg0nwKVDto9HHIXGmM3UkNJRnMOyfbW32GLH0P4%26oauth_version%3D1.0 >>> >>> sandbox: base string: >>> GET&https%3A%2F%2Fwww.google.com >>> %2Fm8%2Ffeeds%2Fcontacts%2Fdefault%2Ffull%2F&oauth_consumer_key%3Dtesturl.com%26oauth_nonce%3D7c55b40f5e53d4fe136aca0cf3eafa76%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1311196977%26oauth_token%3D1%252FTG-_6OgZrQndDfhy6C2NIAnj-2xWVv8zFYcwBYBU2LQ%26oauth_version%3D1.0 >>> >>> >>> >>> REQUEST >>> >>> my app: >>> GET >>> /m8/feeds/contacts/default/full/?oauth_version=1.0&oauth_nonce=59962&oauth_timestamp=1311197884&oauth_consumer_key= >>> testurl >>> .com&oauth_token=1%2F4iDOsg0nwKVDto9HHIXGmM3UkNJRnMOyfbW32GLH0P4&oauth_signature_method=HMAC-SHA1&oauth_signature=Ou9gXF8gNsJSaGfErjA6PGZ7WJA%3D >>> >>> sandbox: >>> GET >>> /m8/feeds/contacts/default/full/?oauth_version=1.0&oauth_nonce=42857dfcede9967828bc0c67b96de05c&oauth_timestamp=1311197215&oauth_consumer_key= >>> testurl.com&oauth_token=1%2FTG-_6OgZrQndDfhy6C2NIAnj-2xWVv8zFYcwBYBU2LQ&oauth_signature_method=HMAC-SHA1&oauth_signature=QyBLq4I88dDSF0QMZSfmnwdZVlw%3D >>> HTTP/1.1 >>> >>> >>> The only difference is the nonce I am generating is way shorter. Does >>> this even matter? >>> >>> -Jeff >>> >>> >>> >>> On Wed, Jul 20, 2011 at 3:02 PM, Jeff Gladnick >>> <[email protected]>wrote: >>> >>>> Here is more detail: >>>> >>>> In my application, the request made to the "grant permission page" >>>> (oauthauthorizetoken) is th is: >>>> >>>> >>>> https://www.google.com/accounts/OAuthAuthorizeToken?oauth_token=4%2FS-FrXuMVTyKPtt8qfHzXimksvLJF&hd=default&oauth_callback=http%3A%2F%2Fsportsbuzz%2Elocal%2Fgoogle2%2Ecfm%3Fkey%3Dgtesturl%2Ecom%26secret%3DcEdJDfn31Z3LC%5FAw4gQZ4tnL%26token%3D4%252FS%2DFrXuMVTyKPtt8qfHzXimksvLJF%26token%5Fsecret%3D%2DXYXU7huypvUvnN6MBHMJwOt%26endpoint%3Dhttps%253A%252F%252Fwww%252Egoogle%252Ecom%252Faccounts%252FOAuthAuthorizeToken >>>> >>>> >>>> In the sandbox, it looks like this: >>>> >>>> https://www.google.com/accounts/OAuthAuthorizeToken?oauth_token=4%2F3jeTnCv32JYRebIdcw53Odn9ldJh&hd=default<https://www.google.com/accounts/OAuthAuthorizeToken?oauth_token=4%2F3jeBnCv22JkRebIdcw53Odn9ldJh&hd=default> >>>> >>>> -Jeff >>>> >>>> >>>> >>>> On Wed, Jul 20, 2011 at 2:59 PM, Jeff Gladnick <[email protected] >>>> > wrote: >>>> >>>>> More updates, I can get it working with the playground app. The main >>>>> difference is that I am not getting back an oauth_verifier url param after >>>>> the client grants access.... >>>>> >>>>> -Jeff >>>>> >>>>> >>>>> >>>>> On Wed, Jul 20, 2011 at 2:10 PM, Jeff Gladnick < >>>>> [email protected]> wrote: >>>>> >>>>>> Also, when i hit the "available feeds" button, 403 error. >>>>>> >>>>>> -Jeff >>>>>> >>>>>> >>>>>> >>>>>> On Wed, Jul 20, 2011 at 2:08 PM, Jeff Gladnick < >>>>>> [email protected]> wrote: >>>>>> >>>>>>> Ok, this seems to work in the oauth playground when i try with >>>>>>> blogger using: >>>>>>> >>>>>>> scope: >>>>>>> https://www.blogger.com/feeds/ >>>>>>> >>>>>>> and in (6 Use the token) where I enter the feed: >>>>>>> >>>>>>> http://www.blogger.com/feeds/1982051675575479214/posts/default?max-results=3 >>>>>>> >>>>>>> That works! >>>>>>> >>>>>>> But when I try with contacts: >>>>>>> >>>>>>> scope: >>>>>>> https://www.google.com/m8/feeds/ >>>>>>> >>>>>>> and in (6 Use the token) where I enter the feed: >>>>>>> https://www.google.com/m8/feeds/contacts/default/full >>>>>>> >>>>>>> Token invalid - Invalid AuthSub token. >>>>>>> >>>>>>> -Jeff >>>>>>> >>>>>>> >>>>>>> >>>>>>> On Wed, Jul 20, 2011 at 1:31 PM, Jeff Gladnick < >>>>>>> [email protected]> wrote: >>>>>>> >>>>>>>> >>>>>>>>>> You should aslo consider using OAuth >>>>>>>>>> Playground<http://googlecodesamples.com/oauth_playground/>to debug >>>>>>>>>> your code and understand how to generate base signature input and >>>>>>>>>> sign requests. >>>>>>>>>> >>>>>>>>>> >>>>>>>>> >>>>>>>> Is there a tutorial anywhere you would recommend on how to use this. >>>>>>>> I'm plugging in my data but still getting the same 401 error. I must >>>>>>>> be >>>>>>>> doing something wrong. >>>>>>>> >>>>>>> >>>>>>> >>>>>> >>>>> >>>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "Google Contacts, Shared Contacts and User Profiles APIs" group. >>> To post to this group, send email to >>> [email protected] >>> To unsubscribe from this group, send email to >>> [email protected] >>> For more options, visit this group at >>> http://code.google.com/apis/contacts/community/forum.html >>> >> >> >> >> -- >> Alain Vongsouvanh >> >> >> >> -- >> You received this message because you are subscribed to the Google >> Groups "Google Contacts, Shared Contacts and User Profiles APIs" group. >> To post to this group, send email to >> [email protected] >> To unsubscribe from this group, send email to >> [email protected] >> For more options, visit this group at >> http://code.google.com/apis/contacts/community/forum.html >> > > -- You received this message because you are subscribed to the Google Groups "Google Contacts, Shared Contacts and User Profiles APIs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://code.google.com/apis/contacts/community/forum.html
