Shouldn't the use of the token/secret be the same between 2legged and 3legged? I thought the main difference (pardon my ignorance if i am completely wrong here) is the way that the token/secret is acquired, not the use?
Frank On Apr 15, 2009, at 6:41 AM, isyndica wrote: > > Hey Jeff, > > Thanks for chiming in! Well, actually I get the token and all - the > 3- > legged OAuth part works perfectly: I request a token, get it, proceed > to authorization, convert it and get my final token and secret just > fine. > It's just, after that, I don't know how to use my prety OAuth Access > token/secret with the rest of the library. > > So I take it I'm traveling in unknown territory here then? > > > > On Apr 14, 2:23 pm, Jeff Fisher <api.jfis...@google.com> wrote: >> I don't think the .NET client library supported three-legged OAuth >> at this >> time; only two-legged OAuth. I would bring it up in the .NET client >> library >> forum: >> >> http://groups.google.com/group/gdata-dotnet-client-library >> >> Cheers, >> -Jeff >> >> On Mon, Apr 13, 2009 at 11:35 PM, isyndica <isynd...@gmail.com> >> wrote: >> >>> Hi, >> >>> I have a working implementation using AuthSub and the Google API >>> library working fine, but I'd really like to use OAuth, if >>> anythign to >>> learn it a bit. >> >>> I managed to get the authentication loop working with: >> >>> // Part 1 :: Getting a token and getting it authorized >> >>> string consumerKey = "consumer key from registered application"; >>> string consumerSecretKey = "consumer secret key from registered >>> application"; >> >>> OAuthUtil oou = new OAuthUtil(); >>> string oauth_nonce = oou.GenerateNonce(); >>> string oauth_timestamp = oou.GenerateTimeStamp(); >>> string oauth_normalized_url; >>> string oauth_normalized_params; >> >>> string oauth_signature = oou.GenerateSignature(new Uri("https:// >>> www.google.com/accounts/OAuthGetRequestToken?scope=" + >>> Uri.EscapeDataString("http://picasaweb.google.com/data/";)), >>> consumerKey, consumerSecret, null, null, "GET", oauth_timestamp, >>> oauth_nonce, OAuthUtil.SignatureTypes.HMACSHA1, out >>> oauth_normalized_url, out oauth_normalized_params); >> >>> string getTokenUrl = oauth_normalized_url + "?" + >>> oauth_normalized_params + "&" + Uri.EscapeDataString >>> ("oauth_signature") + "=" + Uri.EscapeDataString(oauth_signature); >> >>> NameValueCollection oauthtokendata = null; >>> HttpWebRequest request = WebRequest.Create(tbLoginUrl.Text) as >>> HttpWebRequest; >>> using (HttpWebResponse response = request.GetResponse() as >>> HttpWebResponse) >>> { >>> using (TextReader reader = new StreamReader >>> (response.GetResponseStream())) >>> { >>> oauthtokendata = HttpUtility.ParseQueryString(reader.ReadToEnd >>> ()); >>> } >>> } >> >>> string authorizeTokenUrl = "https://www.google.com/accounts/ >>> OAuthAuthorizeToken?oauth_token=<https://www.google.com/accounts/%0AOAuthAuthorizeToken?oauth_token= >>> >>> >" >>> + Uri.EscapeDataString(oauthtokendata >>> ["oauth_token"]) + "&oauth_callback=" + Uri.EscapeDataString("https:// >>> mydomain.com/google.auth.callback?s=picasa&"); >> >>> Then in the callback page: >> >>> // Part 2 :: Converting the token to an access token >> >>> OAuthUtil oou = new OAuthUtil(); >>> string oauth_nonce = oou.GenerateNonce(); >>> string oauth_timestamp = oou.GenerateTimeStamp(); >>> string oauth_normalized_url; >>> string oauth_normalized_params; >> >>> string token = "oauth_token from querystring"; >>> string token_secret = "oauth secret from query string"; >> >>> string oauth_signature = oou.GenerateSignature(new Uri("https:// >>> www.google.com/accounts/OAuthGetAccessToken"), consumerKey, >>> consumerSecret, Uri.EscapeDataString(token), token_secret, "GET", >>> oauth_timestamp, oauth_nonce, OAuthUtil.SignatureTypes.HMACSHA1, out >>> oauth_normalized_url, out oauth_normalized_params); >> >>> string convertTokenUrl = oauth_normalized_url + "?" + >>> oauth_normalized_params + "&" + Uri.EscapeDataString >>> ("oauth_signature") + "=" + Uri.EscapeDataString(oauth_signature); >> >>> NameValueCollection oauthtokendata = null; >>> HttpWebRequest request = WebRequest.Create(convertTokenUrl) as >>> HttpWebRequest; >>> using (HttpWebResponse response = request.GetResponse() as >>> HttpWebResponse) >>> { >>> using (TextReader reader = new StreamReader >>> (response.GetResponseStream())) >>> { >>> oauthtokendata = HttpUtility.ParseQueryString(reader.ReadToEnd >>> ()); >>> } >>> } >>> string oauth_access_token = oauthtokendata["oauth_token"]; >>> string oauth_access_token_secret = oauthtokendata >>> ["oauth_token_secret"]; >> >>> Fine... so this is working perfect (and might be useful if anyone >>> was >>> looking for an example in C#, since I couldn't really find any). >> >>> But now... I have no clue how I'm supposed to do the Upload anymore. >>> This is what I did with AuthSub: >> >>> GAuthSubRequestFactory authFactory = new >>> GAuthSubRequestFactory("lh2", >>> "mydomain.com"); >>> // We assign the RSA key for request encryption - that's a special >>> function that would decrypt the key from my certificate as uploaded >>> when registering the application >>> authFactory.PrivateKey = getRsaKey(); >> >>> // We set the token (long term session token) >>> authFactory.Token = "the access token AuthSub had given me after >>> conversion"; >> >>> PicasaService service = new PicasaService(consumerKey); // >>> authFactory.ApplicationName); >>> service.RequestFactory = authFactory; >> >>> // Upload for the user associated to the token and into the "Drop >>> Box" >>> Uri postUri = new Uri(PicasaQuery.CreatePicasaUri("default", >>> "default")); >> >>> // Format the path to the file to upload - for our exampe this is >>> the >>> "testupload.jpg" file that's copied along side the program in the >>> output folder >>> string sourceFilePath = Path.Combine(GetRunnginAssemblyPath >>> (),"testupload.jpg"); >> >>> // Open a read stream to the file >>> string uploadedPhotoId = ""; >>> using (FileStream stream = new FileStream(sourceFilePath, >>> FileMode.Open, FileAccess.Read)) >>> { >>> // Use the "Insert" method on the service to upload the file >>> PicasaEntry entry = (PicasaEntry)service.Insert(postUri, stream, >>> "image/jpeg", sourceFilePath); >>> PhotoAccessor pa = new PhotoAccessor(entry); >>> // For information, write out the PhotoId of the newly added image >>> uploadedPhotoId = pa.Id; >>> } >> >>> return uploadedPhotoId; >> >>> Boom - that worked beautifully. But I have no clue how to use OAuth >>> instead of OAuthSub there and couldn't find any .NET example. The >>> only upload example I have is with JRuby where the OAuth subsystem >>> seems to feature two "Token" and "TokenSecret" properties that... >>> Are >>> inexistent with the .NET implementation. >> >>> I went so far as this: >>> GOAuthRequestFactory authFactory = new GOAuthRequestFactory("lh2", >>> consumerKey); >>> authFactory.ConsumerKey = consumerKey; >>> authFactory.ConsumerSecret = consumerSecret; >> >>> But that's clearly not enough (the token is associated nowhere). >> >>> I also tried using the AuthSub factory with the OAuth token (as I >>> keep >>> reading it supposedly works), but... it doesn't work: keep getting >>> 403s. >> >>> What am I missing? >> >>> Any help is most welcome. > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Picasa Web Albums API" group. To post to this group, send email to Google-Picasa-Data-API@googlegroups.com To unsubscribe from this group, send email to google-picasa-data-api+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/Google-Picasa-Data-API?hl=en -~----------~----~----~----~------~----~------~--~---
