Thanks for all the help. I really appreciate it.
I am getting closer, but stuck on the following step:
$client->setAuthSubPrivateKeyFile('myrsakey.pem', null, true);
That line causes the page to load as a blank white page. I can see
that it is used to grab the rsa key from my file, but for some reason
it is killing the rest of the code. Any ideas?
Josh
On Sep 15, 4:15 pm, "Eric (Google)" <[EMAIL PROTECTED]> wrote:
> The initial request to AuthSubRequest for a secure token
> doesn't need to be signed
>
> When you come back from AuthSub with a single use token
> appended in the URL, the request to upgrade the token
> using getAuthSubSessionToken needs to be signed. That
> call should include your .PEM file.
>
> It sounds like you're using the Zend PHP library (I assumed
> you weren't in my last post). Secure AuthSub was recently
> added to the 1.6.0 release:http://framework.zend.com/download/gdata
>
> To get you started, I posted a sample on the tips
> blog:http://gdatatips.blogspot.com/2008/09/secure-authsub-using-zend-php-l...
>
> Hope that helps,
> Eric
>
> On Sep 12, 8:33 pm, Josh <[EMAIL PROTECTED]> wrote:
>
>
>
> > Thanks for the info. I am still having some difficulty getting it
> > working.
>
> > My current process:
> > 1) Send AuthSubRequest with secure=1.
> > 2) Request a session token using getAuthSubSessionToken.
> > etc.
>
> > The problem is occurring right at the beginning. As soon as I set
> > secure=1, I get 403 errors when I try to request a session token in
> > step 2. I assume that somewhere in there, I need to include the new
> > PEM file information (during step 1 when I send the initial request?).
> > But where/how do I integrate it? I can see from the examples you
> > provided, how I will need to integrate the PEM files when I make
> > requests for secure information, but I cannot even get to that step at
> > this point. I'm just trying to setup the link to Google Health with
> > secure=1, without even sending any data yet, and have been unable to
> > successfully configure it.
>
> > Which step, AuthSubRequest or getAuthSubSessionToken, needs to include
> > the secure PEM info? And how do I include it?
>
> > Thanks!
>
> > On Sep 10, 1:33 pm, "Eric (Google)" <[EMAIL PROTECTED]> wrote:
>
> > > Upload the public certificate to google (in the ManageDomains tool).
>
> > > The private key is what you will use to sign (encrypt) your data.
>
> > > The only thing that changes for secure AuthSub (secure=1 tokens) is
> > > the format of the Authorization header you send in the
> > > request:http://code.google.com/apis/accounts/docs/AuthSub.html#signingrequests
>
> > > I've posted some code on the Google Data Tips blog that should
> > > help you see where/how to use the private
> > > key:http://gdatatips.blogspot.com/2008/07/secure-authsub-in-php.html
>
> > > You can use that signedGET() function as a starting point to also
> > > make
> > > POST requests. The curl options will be a little different.
>
> > > Hope this helps,
> > > eric
>
> > > On Sep 9, 7:45 pm, Josh <[EMAIL PROTECTED]> wrote:
>
> > > > Thanks for the help.
>
> > > > I am trying to get secure=1 working with h9 first, as suggested. I
> > > > have created my 2 PEM files (cert and key) with OpenSSL. What is the
> > > > next step? Which of these 2 files do I upload to Google, which do I
> > > > upload to my website, and how do I use these files in my code? What
> > > > changes must be made besides changing "secure=0" to "secure=1"?
>
> > > > I have read a number of related forum posts, but still cannot quite
> > > > get it straight. Thanks.
>
> > > > On Sep 9, 4:47 pm, "Eric (Google)" <[EMAIL PROTECTED]> wrote:
>
> > > > > Hi,
>
> > > > > On Sep 9, 11:11 am, Josh <[EMAIL PROTECTED]> wrote:
>
> > > > > > I am trying to make the move from secure=0 to secure=1 with my PHP
> > > > > > site, and I am having some problems. I created .jks and .pem files
> > > > > > using Java and uploaded the .pem file to Google. What do I do with
> > > > > > the .jks file though? Where do I put it or how do I invoke it?
>
> > > > > If you're using PHP you don't do anything with the .jks file. If
> > > > > you're
> > > > > not using Java, using openssl to create a .pem is the way to go:
>
> > > > >http://code.google.com/apis/gdata/authsub.html#Registered
>
> > > > > > Everything works with h9 and secure=0, just trying to get secure=1
> > > > > > working before I test with "health." I have read a number of forum
> > > > > > posts but cannot quite figure out how to get this working.
>
> > > > > Have you registered your domain with health? This is a separate
> > > > > registration
> > > > > fromhttps://www.google.com/accounts/ManageDomains. Here's the API
> > > > > ToS where
> > > > > you can do that:
>
> > > > >http://services.google.com/events/googhealthdevelopers
>
> > > > > p.s. you won't be able to use /health until final approval. It's
> > > > > important
> > > > > to get secure=1 tokens working with /h9 first.
>
> > > > > Eric
>
> > > > > > Thanks!- Hide quoted text -
>
> > > > > - Show quoted text -- Hide quoted text -
>
> > > - Show quoted text -- Hide quoted text -
>
> - Show quoted text -
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Google Health Developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/googlehealthdevelopers?hl=en
-~----------~----~----~----~------~----~------~--~---
