Haha, an extra newline! Amazing how the small things can trip you up.
Thanks for sharing your code!
Cheers,
-Jeff
On Jun 26, 6:06 pm, Immad <[EMAIL PROTECTED]> wrote:
> Hi Jeff,
>
> I have fixed the problem!
>
> It turns out all I had to do was remove the '\n' inserted by the
> encode64 function. Also using sig =
> key.sign(OpenSSL::Digest::SHA1.new, data) is that way to do it just
> in case any one else is stuck on something similar.
>
> Thanks fro your help Jeff.
>
> Immad
>
> Ps: this is the ruby function for making a signed header just in case
> anyone else wants need:
>
> def google_header url, token
> time = Time.now.to_i.to_s
> nonce = OpenSSL::BN.rand_range(2**64)
> data = "GET #{url} #{time} #{nonce}"
>
> key = OpenSSL::PKey::RSA.new(File.read("config/privkey.pem"))
> sig = key.sign(OpenSSL::Digest::SHA1.new, (data))
> sig = Base64.b64encode(sig).gsub(/\n/, '')
>
> header = {'Authorization' => "AuthSub token=\"#{token}\" sigalg=
> \"rsa-sha1\" data=\"#{data}\" sig=\"#{sig}\""}
> header["Content-Type"] = "application/x-www-form-urlencoded"
>
> return header
> end
>
> On Jun 26, 4:26 pm, "Jeff Fisher (Google)" <[EMAIL PROTECTED]>
> wrote:
>
> > Hi,
>
> > Ah, good to know it provides a different message for an invalid
> > signature. Your Authorization header looks correct to me. Can you use
> > Wireshark and see what is actually being sent over the wire?
>
> > Cheers,
> > -Jeff
>
> > On Jun 26, 2:41 pm, "Immad Akhund" <[EMAIL PROTECTED]> wrote:
>
> > > I did do secure=1&session=1
>
> > > The public certificate is correct, although the google management
> > > interface
> > > does not let me check the current uploaded certificate (unless I am
> > > missing
> > > where you can do that).
>
> > > If I change the signature to a random string like "kgljakg" then instead
> > > of
> > > saying bad request I get the error that the signature is invalid.
> > > Therefore
> > > I am guessing its actually in the wrong format rather than just an
> > > incorrect
> > > signature.
>
> > > Thanks for the help,
>
> > > Immad
>
> > > On Thu, Jun 26, 2008 at 2:36 PM, Jeff Fisher (Google) <
>
> > > [EMAIL PROTECTED]> wrote:
>
> > > > Hi Immad,
>
> > > > Since the server errors aren't always super descriptive, can you also
> > > > verify you requested the initial token with secure=1&session=1 and the
> > > > public certificate you uploaded to the ManageDomains page is correct?
>
> > > > Cheers,
> > > > -Jeff
>
> > > > On Jun 25, 10:03 am, Immad <[EMAIL PROTECTED]> wrote:
> > > > > I have tried every method I can imagine, including working from
> > > > > several other peoples examples but I just can't get the signature on
> > > > > secure requests working in ruby.
>
> > > > > I get the a "400 Bad Request error". Given that it is bad request I am
> > > > > pretty sure my signature is being constructed incorrectly. Here is my
> > > > > code given a specific data to sign:
>
> > > > > data = "GEThttps://www.google.com/accounts/AuthSubSessionToken
> > > > > 1208475262 97612217129769266447"
> > > > > key = OpenSSL::PKey::RSA.new(File.read("config/privkey.pem"))
> > > > > sig = key.private_encrypt(Digest::SHA1::hexdigest(data))
> > > > > # at this stage the data looks all crazy: ""\225\037� ~
> > > > > \275 \225\211Dg\245I\261$\032u`\025�...."
> > > > > sig = Base64.b64encode(sig.to_s)
>
> > > > > This gives sig as: "lR/
> > > > > mAX69wo2ViURnpUmxJBp1YBXiDTkCgtj9zTXMtjqYg8jnPg0g9FTw3pUt
> > > > > \nfPVY3MPczOHcmF5NN5+UYuJbwpFMFZ2e+DZHn1gGE+XZznyNqY9tNg3szYAr
> > > > > \n2okXUp5qYYnTvojiulpWQZqO2lNSo1eLmcNHSWO+79eZuJ1JQlE=\n"
>
> > > > > And my Header ends up being:
>
> > > > > "Authorization: AuthSub token=\"CKPrudSKERDWzqnw______8B\" sigalg=
> > > > > \"rsa-sha1\" data=\"GEThttps://
> > > >www.google.com/accounts/AuthSubSessionToken
> > > > > 1208475262 97612217129769266447\" sig=\"lR/
> > > > > mAX69wo2ViURnpUmxJBp1YBXiDTkCgtj9zTXMtjqYg8jnPg0g9FTw3pUt
> > > > > \nfPVY3MPczOHcmF5NN5+UYuJbwpFMFZ2e+DZHn1gGE+XZznyNqY9tNg3szYAr
> > > > > \n2okXUp5qYYnTvojiulpWQZqO2lNSo1eLmcNHSWO+79eZuJ1JQlE=\n\""
>
> > > > > This is what gives me a bad request. I have tried various different
> > > > > ways of doing this, the other way of producing the rsa-sha1 signature
> > > > > that I saw on the net was by changing sig to be:
>
> > > > > sig = key.sign(OpenSSL::Digest::SHA1.new, data)
>
> > > > > This ended up giving me base 64 encoded signature of:
> > > > > "NkHzHLAk/PSoWf2Eie1N1DUrTXh6OtNgKl4wa9rLjeWI7Le3E0LNcvsvfRDj
> > > > > \nYZ9skWLCVwmx45HxZqUSRp/06Upr9MP9oeDCPgLR35CmoVTpQFrdzD5ODt7y
> > > > > \nSQuEYDn81D1vngMBJHivLjVMZDPTVyzO0xZaTb4pAkEGph/jApM=\n"
>
> > > > > Not sure why that should be different, but I can't quite find any
> > > > > documentation on what exactly the sign method does.
>
> > > > > Either way given that I am getting bad request back, I am guessing
> > > > > this is a fundamental difference between what Google Authsub API
> > > > > expects and what ruby is through out.
>
> > > > > This is with ruby 1.8.5. Running under Rails 1.2.6 (if that's
> > > > > relevant)
>
> > > > > Thanks in advance,
> > > > > Immad
>
> > > --
> > > Cell: +1 617 460 7271
> > > Mobile: +44 797399 3672
> > > Skype: i.akhund
> > > Blog:http://immadsnewworld.com
>
> > > Clickpass, CTO
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Google Data Protocol" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/google-help-dataapi?hl=en
-~----------~----~----~----~------~----~------~--~---
