Fantastic! Got it all working now. Only minor change I had to make to
anything was changing GET to POST in the authorization header because
I'm sending information instead of grabbing.
Thanks so much for all the help. I really appreciate it.
On Sep 18, 4:36 pm, "Eric (Google)" <[EMAIL PROTECTED]> wrote:
> You found a bug in the client library.
>
> The fix is to change getAuthSubSessionToken and
> AuthSubRevokeToken in Zend/Gdata/AuthSub.php:
>
> public static function getAuthSubSessionToken(
> $token, $client = null,
> $request_uri = self::AUTHSUB_SESSION_TOKEN_URI)
> {
> $client = self::getHttpClient($token, $client);
>
> if ($client instanceof Zend_Gdata_HttpClient) {
> $filterResult = $client->filterHttpRequest('GET',
> $request_uri);
> $url = $filterResult['url'];
> $headers = $filterResult['headers'];
> $client->setHeaders($headers);
> $client->setUri($url);
> } else {
> $client->setUri($request_uri);
> }
>
> try {
> $response = $client->request('GET');
> } catch (Zend_Http_Client_Exception $e) {
> require_once 'Zend/Gdata/App/HttpException.php';
> throw new Zend_Gdata_App_HttpException($e->getMessage(),
> $e);
> }
>
> // Parse Google's response
> if ($response->isSuccessful()) {
> $goog_resp = array();
> foreach (explode("\n", $response->getBody()) as $l) {
> $l = chop($l);
> if ($l) {
> list($key, $val) = explode('=', chop($l), 2);
> $goog_resp[$key] = $val;
> }
> }
> return $goog_resp['Token'];
> } else {
> require_once 'Zend/Gdata/App/AuthException.php';
> throw new Zend_Gdata_App_AuthException(
> 'Token upgrade failed. Reason: ' . $response->getBody());
>
> }
> }
>
> public static function AuthSubRevokeToken($token, $client = null,
> $request_uri =
> self::AUTHSUB_REVOKE_TOKEN_URI)
> {
> $client = self::getHttpClient($token, $client);
>
> if ($client instanceof Zend_Gdata_HttpClient) {
> $filterResult = $client->filterHttpRequest('GET',
> $request_uri);
> $url = $filterResult['url'];
> $headers = $filterResult['headers'];
> $client->setHeaders($headers);
> $client->setUri($url);
> $client->resetParameters();
> } else {
> $client->setUri($request_uri);
> }
>
> ob_start();
> try {
> $response = $client->request('GET');
> } catch (Zend_Http_Client_Exception $e) {
> require_once 'Zend/Gdata/App/HttpException.php';
> throw new Zend_Gdata_App_HttpException($e->getMessage(),
> $e);
> }
> ob_end_clean();
> // Parse Google's response
> if ($response->isSuccessful()) {
> return true;
> } else {
> return false;
> }
> }
>
> Eric
>
> On Sep 17, 11:38 am, Josh <[EMAIL PROTECTED]> wrote:
>
>
>
> > ----the function is actually "function signoff($token)" where $token
> > is my permanent token stored in my site's database for the user.----
>
> > On Sep 17, 11:36 am, Josh <[EMAIL PROTECTED]> wrote:
>
> > > Before my last post I had been trying to use your code and modify it
> > > to do what I needed, but for some reason I couldn't get it to work.
>
> > > I currently have it set up so that users can click an "unlink" button
> > > that runs the following code:
> > > function signoff() {
> > > $client = new Zend_Gdata_HttpClient();
> > > $client->setAuthSubPrivateKeyFile('myrsakey.pem', null, true);
> > > $revtoken = Zend_Gdata_AuthSub::AuthSubRevokeToken($token, $client);
> > > $client->setAuthSubToken($revtoken);
> > > return $client;
>
> > > }
>
> > > Ideas as to why this would not work?
>
> > > On Sep 17, 10:26 am, "Eric (Google)" <[EMAIL PROTECTED]> wrote:
>
> > > > That function (AuthSubRevokeToken) and getAuthSubTokenInfo
> > > > are overloaded so you can pass in the $client:
>
> > > > AuthSubRevokeToken($token, $client);
>
> > > > This should work if you've setup your $client properly.
> > > > Just use the code I posted. When you set your private
> > > > key andauthsubsession token using setAuthSubPrivateKeyFile,
> > > > and setAuthSubToken, the library will automatically
> > > > send the token and construct the correct Authorization header
> > > > for you. So if you use that same $client, you're good to go.
>
> > > > See:http://framework.zend.com/code/browse/Zend_Framework/standard/trunk/l...
>
> > > > Eric
>
> > > > On Sep 16, 10:14 pm, Josh <[EMAIL PROTECTED]> wrote:
>
> > > > > Alright, getting closer and closer. The issue was with the file
> > > > > location, as you suspected. Don't know how I managed to mess it up!
>
> > > > > I can now successfully link the accounts withsecure=1. Part 2:
> > > > > Unlinking. The AuthSubRevokeToken function from the php Zend library
> > > > > seems to not be enough. I would expect that this might have to be
> > > > > modified to include the key in the header also. How do I do this?
>
> > > > > Sorry for all the questions! Hopefully I'll have it all figured out
> > > > > this week!
>
> > > > > Josh
>
> > > > > On Sep 16, 10:00 am, "Eric (Google)" <[EMAIL PROTECTED]> wrote:
>
> > > > > > Turn PHP warnings/notices on. It's possible that
> > > > > > your webserver can't read or find myrsakey.pem.
>
> > > > > > Eric
>
> > > > > > On Sep 15, 11:52 pm, Josh <[EMAIL PROTECTED]> wrote:
>
> > > > > > > Thanks for all the help. I really appreciate it.
>
> > > > > > > I am getting closer, but stuck on the following step:
> > > > > > > $client->setAuthSubPrivateKeyFile('myrsakey.pem', null, true);
>
> > > > > > > That line causes the page to load as a blank white page. I can see
> > > > > > > that it is used to grab the rsa key from my file, but for some
> > > > > > > reason
> > > > > > > it is killing the rest of the code. Any ideas?
>
> > > > > > > Josh
>
> > > > > > > On Sep 15, 4:15 pm, "Eric (Google)" <[EMAIL PROTECTED]> wrote:
>
> > > > > > > > The initial request to AuthSubRequest for asecuretoken
> > > > > > > > doesn't need to be signed
>
> > > > > > > > When you come back fromAuthSubwith a single use token
> > > > > > > > appended in the URL, the request to upgrade the token
> > > > > > > > using getAuthSubSessionToken needs to be signed. That
> > > > > > > > call should include your .PEM file.
>
> > > > > > > > It sounds like you're using the Zend PHP library (I assumed
> > > > > > > > you weren't in my last post). SecureAuthSubwas recently
> > > > > > > > added to the 1.6.0
> > > > > > > > release:http://framework.zend.com/download/gdata
>
> > > > > > > > To get you started, I posted a sample on the tips
> > > > > > > > blog:http://gdatatips.blogspot.com/2008/09/secure-authsub-using-zend-php-l...
>
> > > > > > > > Hope that helps,
> > > > > > > > Eric
>
> > > > > > > > On Sep 12, 8:33 pm, Josh <[EMAIL PROTECTED]> wrote:
>
> > > > > > > > > Thanks for the info. I am still having some difficulty
> > > > > > > > > getting it
> > > > > > > > > working.
>
> > > > > > > > > My current process:
> > > > > > > > > 1) Send AuthSubRequest withsecure=1.
> > > > > > > > > 2) Request a session token using getAuthSubSessionToken.
> > > > > > > > > etc.
>
> > > > > > > > > The problem is occurring right at the beginning. As soon as I
> > > > > > > > > set
> > > > > > > > >secure=1, I get 403 errors when I try to request a session
> > > > > > > > >token in
> > > > > > > > > step 2. I assume that somewhere in there, I need to include
> > > > > > > > > the new
> > > > > > > > > PEM file information (during step 1 when I send the initial
> > > > > > > > > request?).
> > > > > > > > > But where/how do I integrate it? I can see from the examples
> > > > > > > > > you
> > > > > > > > > provided, how I will need to integrate the PEM files when I
> > > > > > > > > make
> > > > > > > > > requests forsecureinformation, but I cannot even get to that
> > > > > > > > > step at
> > > > > > > > > this point. I'm just trying to setup the link to Google
> > > > > > > > > Health with
> > > > > > > > >secure=1, without even sending any data yet, and have been
> > > > > > > > >unable to
> > > > > > > > > successfully configure it.
>
> > > > > > > > > Which step, AuthSubRequest or getAuthSubSessionToken, needs
> > > > > > > > > to include
> > > > > > > > > thesecurePEM info? And how do I include it?
>
> > > > > > > > > Thanks!
>
> > > > > > > > > On Sep 10, 1:33 pm, "Eric (Google)" <[EMAIL PROTECTED]> wrote:
>
> > > > > > > > > > Upload the public certificate to google (in the
> > > > > > > > > > ManageDomains tool).
>
> > > > > > > > > > The private key is what you will use to sign (encrypt) your
> > > > > > > > > > data.
>
> > > > > > > > > > The only thing that changes forsecureAuthSub(secure=1
> > > > > > > > > > tokens) is
> > > > > > > > > > the format of the Authorization header you send in the
> > > > > > > > > > request:http://code.google.com/apis/accounts/docs/AuthSub.html#signingrequests
>
> > > > > > > > > > I've posted some code on the Google Data Tips blog that
> > > > > > > > > > should
> > > > > > > > > > help you see where/how to use the private
> > > > > > > > > > key:http://gdatatips.blogspot.com/2008/07/secure-authsub-in-php.html
>
> > > > > > > > > > You can use that signedGET() function as a starting point
> > > > > > > > > > to also
> > > > > > > > > > make
> > > > > > > > > > POST requests. The curl options will be a little different.
>
> > > > > > > > > > Hope this helps,
> > > > > > > > > > eric
>
> > > > > > > > > > On Sep 9, 7:45 pm, Josh <[EMAIL PROTECTED]> wrote:
>
> > > > > > > > > > > Thanks for the help.
>
> > > > > > > > > > > I am trying to getsecure=1 working with h9 first, as
> > > > > > > > > > > suggested. I
> > > > > > > > > > > have created my 2 PEM files (cert and key) with OpenSSL.
> > > > > > > > > > > What is the
> > > > > > > > > > > next step? Which of these 2 files do I upload to Google,
> > > > > > > > > > > which do I
> > > > > > > > > > > upload to my website, and how do I use these files in my
> > > > > > > > > > > code? What
> > > > > > > > > > > changes must be made besides changing "secure=0" to
> > > > > > > > > > > "secure=1"?
>
> > > > > > > > > > > I have read a number of related forum posts, but still
> > > > > > > > > > > cannot quite
> > > > > > > > > > > get it straight. Thanks.
>
> > > > > > > > > > > On Sep 9, 4:47 pm, "Eric (Google)" <[EMAIL PROTECTED]>
> > > > > > > > > > > wrote:
>
> > > > > > > > > > > > Hi,
>
> > > > > > > > > > > > On Sep 9, 11:11 am, Josh <[EMAIL PROTECTED]> wrote:
>
> > > > > > > > > > > > > I am trying to make the move from
>
> ...
>
> read more »- Hide quoted text -
>
> - Show quoted text -
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Google Health Developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/googlehealthdevelopers?hl=en
-~----------~----~----~----~------~----~------~--~---
