You appear to be doing everything correct. One thing that comes to mind is that query parameters need to be urlencoded in the next URL (your gint URL). AuthSub will not redirect properly if they're not. Though, that doesn't explain the issue since you tested without them.
I think we're talking about two separate things here. When I asked for the AuthSubRequest URL, I meant the URL from your browser's address bar, not the code that's generating that URL. Can you post that? It should be something like: https://www.google.com/a/testfacultyu.northwestern.edu/AuthSubRequest?next=... It's also possible the Google Apps AuthSub request page isn't redirecting properly. :( Eric On Nov 25, 8:16 am, "Patricia Goldweic" <[EMAIL PROTECTED]> wrote: > Eric, > Just to add more details to this problem. Just as an experiment, I tried > getting rid of all the additional http parameters in my 'next' url below > (the ones I explained get added at runtime), and I still got the same result > (no redirection from Google). > Can you tell what is going on? (e.g. is this actually a bug that will > prevent me from using secure tokens? ). Thanks for looking into this, > -Patricia > > > -----Original Message----- > > From: [email protected] > > [mailto:[EMAIL PROTECTED] On Behalf Of > > Patricia Goldweic > > Sent: Monday, November 24, 2008 5:07 PM > > To: [email protected] > > Subject: RE: AuthSub not working well with secure tokens? > > > Eric, > > Here's my complete statement: > > > String requestUrl = > > AuthSubUtil.getRequestUrl("testfacultyu.northwestern.edu", > > "http://gint.at.northwestern.edu/samltool/GintShareHelperServlet";, > > "http://docs.google.com/feeds";, true, true); > > > Actually, at run time, my program appends a few http > > parameters to the 'gint' url before calling the > > AuthSubUtil.getRequestUrl() method (at least 3 parameters in > > fact, which tell it which page to display next, and what is > > the original http request about). So the url above can become > > url?collabID=<some id>&... Etc. > > > Please note that the same thing was true when I was using > > unsecure tokens instead (the first boolean flag above was > > false), and I had no trouble whatsoever. > > > Any suggestions? > > -Patricia > > > > -----Original Message----- > > > From: [email protected] > > > [mailto:[EMAIL PROTECTED] On Behalf Of Eric > > > (Google) > > > Sent: Monday, November 24, 2008 3:23 PM > > > To: Google Docs Data APIs > > > Subject: Re: AuthSub not working well with secure tokens? > > > > Hmmm, what's the full URL from the AuthSubRequest page? > > > > Eric > > > > On Nov 24, 11:31 am, "Patricia Goldweic" > > <[EMAIL PROTECTED]> > > > wrote: > > > > Hi Eric, > > > > Thanks for replying. I actually did the call to > > > getRequestUrl in the > > > > way you suggested, with both parameters set to true. I just never > > > > heard back from Google :-( about this request, which is the > > > reason for > > > > this post (in other words, AuthSubUtil does not seem to > > be properly > > > > processing my request, and does not redirect back to my > > > application as expected. > > > > > -Patricia > > > > > > -----Original Message----- > > > > > From: [email protected] > > > > > [mailto:[EMAIL PROTECTED] On > > Behalf Of Eric > > > > > (Google) > > > > > Sent: Monday, November 24, 2008 1:21 PM > > > > > To: Google Docs Data APIs > > > > > Subject: Re: AuthSub not working well with secure tokens? > > > > > > Hi Patricia, > > > > > > The Base API group you mentioned is for the Base Data API: > > > > >http://code.google.com/apis/base/ > > > > > > The best place to post for Auth issues is in that group: > > > > >http://groups.google.com/group/Google-Accounts-API/topics > > > > > > That being said, I also monitor the Accounts forum :) If you're > > > > > using secure AuthSub, you need to request a token with > > > > > secure=1: > > > > > > boolean secure = true > > > > > boolean sesssion = true > > > > > String requestUrl = > > > > > > > > AuthSubUtil.getRequestUrl("http://www.example.com/RetrieveToken";, > > > > > "http://docs.google.com/feeds/";, > > > > > secure , > > > > > sesssion ); > > > > > > and on subsequent requests (even the token upgrade), use > > > your RSA > > > > >private key for signing: > > > >http://code.google.com/apis/gdata/authsub.html#request-session-token > > > > > > java.security.PrivateKey privateKey = > > > > > AuthSubUtil.getPrivateKeyFromKeystore("AuthSubExample.jks", > > > > > "changeme", > > > > > "AuthSubExample", > > > > > "changeme"); String sessionToken = > > > > > AuthSubUtil.exchangeForSessionToken > > > > > (onetimeUseToken, > > > > > > > > > > privateKey); > > > > > > Information on how to create a key using Java keytool: > > > > >http://code.google.com/apis/gdata/authsub.html#Registered > > > > > > And upload the public certificate to ManageDomain as > > > described here: > > > > >http://code.google.com/apis/accounts/docs/RegistrationForWebAp > > > > > psAuto.html > > > > > > Cheers, > > > > > Eric > > > > > > On Nov 24, 10:44 am, "Patricia Goldweic" > > > > > <[EMAIL PROTECTED]> > > > > > wrote: > > > > > > I have just posted this email to the google Base Data apis > > > > > group, but > > > > > > I wonder if anybody in this group may have a suggestion. > > > > > > Thanks in advance, > > > > > > -Patricia > > > > > > > > -----Original Message----- > > > > > > > From: [EMAIL PROTECTED] > > > > > > > [mailto:[EMAIL PROTECTED] On Behalf Of > > > > > > > patriciaG > > > > > > > Sent: Monday, November 24, 2008 12:33 PM > > > > > > > To: Google Base Data API > > > > > > > Subject: [Google-Base-API] AuthSub not working well > > > with secure > > > > > > > tokens? > > > > > > > > I've recently started experimenting with AuthSub to > > > > > programmatically > > > > > > > update the sharing permissions over individual Google > > > docs. This > > > > > > > seemed to be working fine when I was using unsecure > > > > > tokens that were > > > > > > > eventually exchanged for a session token (I'm using the > > > > > Java client > > > > > > > library for this). > > > > > > > However, when I tried switching to requesting a > > secure token > > > > > > > from Google, I stopped getting the redirects from > > Google with > > > > > > > the one time token. > > > > > > > In other words, when I make the call: > > > > > > > > String requestUrl = > > > > > > > > > > AuthSubUtil.getRequestUrl("http://www.mydomain.com/RetrieveToken";, > > > > > > > > > > > > "http://www.google.com/calendar/feeds/";, > > > > > > > false, > > > > > > > true); > > > > > > > > The url in my application: > > > "http://www.mydomain.com/RetrieveToken"; > > > > > > > DOES NOT GAIN CONTROL of the http request process, > > > and so I can > > > > > > > neither retrieve the one time token, nor do > > anything else at > > > > > > > that point (no Java exceptions or error messages are > > > generated > > > > > > > by Google). > > > > > > > > Can somebody suggest what the problem is here, and how > > > > > can I resolve > > > > > > > it? > > > > > > > Thanks in advance, > > > > > > > -Patricia --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Docs Data APIs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/Google-Docs-Data-APIs?hl=en -~----------~----~----~----~------~----~------~--~---
