Hmm, that's strange that it works by copy and pasting the URL into your browser but not from your web app. It looks like AuthSub may be getting confused by the SSO enabled domain??? When you click "Grant access" what is the behavior?
I hate to send you to another group, but the Google Apps group may have helpful answers regarding AuthSub+SSO: http://groups.google.com/group/google-apps-apis/topics I'm also confused, as this worked at one point for you. Eric On Nov 25, 12:07 pm, "Patricia Goldweic" <[EMAIL PROTECTED]> wrote: > Eric, > It turns out that now, even when I request an 'unsecure' token, I'm having > the same problem :-(. I've decided to temporarily get back to the unsecure > mode to get things working, at least partially (demo purposes), and I'm > getting the same result (no redirection to my registered web app). > Here is the complete url that my web app is redirecting to, within a > "response.sendRedirect(thisurl); " statement. > > https://www.google.com/accounts/AuthSubRequest?next=http%3A%2F%2Fgint... > thwestern.edu%2Fsamltool%2FGintShareHelperServlet%3FgoogleID%3Dpgo586%26coll > abID%3Dbb102%26contentURL%3Dhttps%253A%252F%252Fdocs.google.com%252Fa%252Fte > stfacultyu.northwestern.edu%252FDoc%253Fdocid%253Ddgp5nd2s_3c4ghs3cn%2526hl% > 253Den&scope=http%3A%2F%2Fdocs.google.com%2Ffeeds&secure=0&session=1&hd=test > facultyu.northwestern.edu > > Something very curious: if I type in this url in the web browser after the > problem occurs, it actually does seem to load the page correctly, although > somehow it fails to work within my program though... (by now, I'm really > confused about this behavior). > > Thanks again for looking into this, > -Patricia > > > -----Original Message----- > > From: [email protected] > > [mailto:[EMAIL PROTECTED] On Behalf Of > > Eric (Google) > > Sent: Tuesday, November 25, 2008 12:58 PM > > To: Google Docs Data APIs > > Subject: Re: AuthSub not working well with secure tokens? > > > You appear to be doing everything correct. One thing that > > comes to mind is that query parameters need to be urlencoded > > in the next URL (your gint URL). AuthSub will not redirect > > properly if they're not. Though, that doesn't explain the > > issue since you tested without them. > > > I think we're talking about two separate things here. When I > > asked for the AuthSubRequest URL, I meant the URL from your > > browser's address bar, not the code that's generating that > > URL. Can you post that? It should be something > > like: > >https://www.google.com/a/testfacultyu.northwestern.edu/AuthSub > > Request?next=... > > > It's also possible the Google Apps AuthSub request page isn't > > redirecting properly. :( Eric > > > On Nov 25, 8:16 am, "Patricia Goldweic" <[EMAIL PROTECTED]> > > wrote: > > > Eric, > > > Just to add more details to this problem. Just as an experiment, I > > > tried getting rid of all the additional http parameters in > > my 'next' > > > url below (the ones I explained get added at runtime), and > > I still got > > > the same result (no redirection from Google). > > > Can you tell what is going on? (e.g. is this actually a bug > > that will > > > prevent me from using secure tokens? ). Thanks for looking > > into this, > > > -Patricia > > > > > -----Original Message----- > > > > From: [email protected] > > > > [mailto:[EMAIL PROTECTED] On Behalf Of > > > > Patricia Goldweic > > > > Sent: Monday, November 24, 2008 5:07 PM > > > > To: [email protected] > > > > Subject: RE: AuthSub not working well with secure tokens? > > > > > Eric, > > > > Here's my complete statement: > > > > > String requestUrl = > > > > AuthSubUtil.getRequestUrl("testfacultyu.northwestern.edu", > > > > "http://gint.at.northwestern.edu/samltool/GintShareHelperServlet";, > > > > "http://docs.google.com/feeds";, true, true); > > > > > Actually, at run time, my program appends a few http > > parameters to > > > > the 'gint' url before calling the > > > > AuthSubUtil.getRequestUrl() method (at least 3 parameters > > in fact, > > > > which tell it which page to display next, and what is the > > original > > > > http request about). So the url above can become > > url?collabID=<some > > > > id>&... Etc. > > > > > Please note that the same thing was true when I was using > > unsecure > > > > tokens instead (the first boolean flag above was false), > > and I had > > > > no trouble whatsoever. > > > > > Any suggestions? > > > > -Patricia > > > > > > -----Original Message----- > > > > > From: [email protected] > > > > > [mailto:[EMAIL PROTECTED] On > > Behalf Of Eric > > > > > (Google) > > > > > Sent: Monday, November 24, 2008 3:23 PM > > > > > To: Google Docs Data APIs > > > > > Subject: Re: AuthSub not working well with secure tokens? > > > > > > Hmmm, what's the full URL from the AuthSubRequest page? > > > > > > Eric > > > > > > On Nov 24, 11:31 am, "Patricia Goldweic" > > > > <[EMAIL PROTECTED]> > > > > > wrote: > > > > > > Hi Eric, > > > > > > Thanks for replying. I actually did the call to > > > > > getRequestUrl in the > > > > > > way you suggested, with both parameters set to true. I just > > > > > > never heard back from Google :-( about this request, which is > > > > > > the > > > > > reason for > > > > > > this post (in other words, AuthSubUtil does not seem to > > > > be properly > > > > > > processing my request, and does not redirect back to my > > > > > application as expected. > > > > > > > -Patricia > > > > > > > > -----Original Message----- > > > > > > > From: [email protected] > > > > > > > [mailto:[EMAIL PROTECTED] On > > > > Behalf Of Eric > > > > > > > (Google) > > > > > > > Sent: Monday, November 24, 2008 1:21 PM > > > > > > > To: Google Docs Data APIs > > > > > > > Subject: Re: AuthSub not working well with secure tokens? > > > > > > > > Hi Patricia, > > > > > > > > The Base API group you mentioned is for the Base Data API: > > > > > > >http://code.google.com/apis/base/ > > > > > > > > The best place to post for Auth issues is in that group: > > > > > > >http://groups.google.com/group/Google-Accounts-API/topics > > > > > > > > That being said, I also monitor the Accounts forum :) If > > > > > > > you're using secure AuthSub, you need to request a > > token with > > > > > > > secure=1: > > > > > > > > boolean secure = true > > > > > > > boolean sesssion = true > > > > > > > String requestUrl = > > > AuthSubUtil.getRequestUrl("http://www.example.com/RetrieveToken";, > > > > > > > "http://docs.google.com/feeds/";, > > > > > > > secure , > > > > > > > sesssion ); > > > > > > > > and on subsequent requests (even the token upgrade), use > > > > > your RSA > > > > > > >private key for signing: > > > >http://code.google.com/apis/gdata/authsub.html#request-session-toke > > > > >n > > > > > > > > java.security.PrivateKey privateKey = > > > AuthSubUtil.getPrivateKeyFromKeystore("AuthSubExample.jks", > > > > > > > "changeme", > > > > > > > "AuthSubExample", > > > > > > > "changeme"); String sessionToken = > > > > > > > AuthSubUtil.exchangeForSessionToken > > > > > > > (onetimeUseToken, > > > > > > > > privateKey); > > > > > > > > Information on how to create a key using Java keytool: > > > > > > >http://code.google.com/apis/gdata/authsub.html#Registered > > > > > > > > And upload the public certificate to ManageDomain as > > > > > described here: > > > >http://code.google.com/apis/accounts/docs/RegistrationForWebAp > > > > > > > psAuto.html > > > > > > > > Cheers, > > > > > > > Eric > > > > > > > > On Nov 24, 10:44 am, "Patricia Goldweic" > > > > > > > <[EMAIL PROTECTED]> > > > > > > > wrote: > > > > > > > > I have just posted this email to the google Base Data apis > > > > > > > group, but > > > > > > > > I wonder if anybody in this group may have a suggestion. > > > > > > > > Thanks in advance, > > > > > > > > -Patricia > > > > > > > > > > -----Original Message----- > > > > > > > > > From: [EMAIL PROTECTED] > > > > > > > > > [mailto:[EMAIL PROTECTED] > > On Behalf > > > > > > > > > Of patriciaG > > > > > > > > > Sent: Monday, November 24, 2008 12:33 PM > > > > > > > > > To: Google Base Data API > > > > > > > > > Subject: [Google-Base-API] AuthSub not working well > > > > > with secure > > > > > > > > > tokens? > > > > > > > > > > I've recently started experimenting with AuthSub to > > > > > > > programmatically > > > > > > > > > update the sharing permissions over individual Google > > > > > docs. This > > > > > > > > > seemed to be working fine when I was using unsecure > > > > > > > tokens that were > > > > > > > > > eventually exchanged for a session token (I'm using the > > > > > > > Java client > > > > > > > > > library for this). > > > > > > > > > However, when I tried switching to requesting a > > > > secure token > > > > > > > > > from Google, I stopped getting the redirects from > > > > Google with > > > > > > > > > the one time token. > > > > > > > > > In other words, when I make the call: > > > > > > > > > > String requestUrl = > > > > > AuthSubUtil.getRequestUrl("http://www.mydomain.com/RetrieveToken";, > > > > > > > > "http://www.google.com/calendar/feeds/";, > > > > > > > > > false, > > > > > > > > > true); > > > > > > > > > > The url in my application: > > > > > "http://www.mydomain.com/RetrieveToken"; > > > > > > > > > DOES NOT GAIN CONTROL of the http request process, > > > > > and so I can > > > > > > > > > neither retrieve the one time token, nor do > > > > anything else at > > > > > > > > > that point (no Java exceptions or error messages are > > > > > generated > > > > > > > > > by Google). > > > > > > > > > > Can somebody suggest what the problem is here, and how > > > > > > > can I resolve > > > > > > > > > it? > > > > > > > > > Thanks in advance, > > > > > > > > > -Patricia --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Docs Data APIs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/Google-Docs-Data-APIs?hl=en -~----------~----~----~----~------~----~------~--~---
