Hi Ralph, I noticed a couple of things:
1.) Have you registered your domain(s) with Google Health? Signed requests won't work from localhost. Please visit http://services.google.com/events/googhealthdevelopers 2.) I noticed your snippet had $secure = 0. Make sure it's $secure=1 when you switch back to signed requests. Cheers, eric On Sep 19, 2:40 pm, Ralph <[EMAIL PROTECTED]> wrote: > Hello, > > I keep getting a 403 Invalid Token error when trying to set secure = > 1. We need to test the secure tokens for the production environment. > Our code works with secure = 0 and we've uploaded the x.509 cert to > our Manage Domains section and you can see where we invoke it below > with the setAuthSubPrivateKeyFile() function. > > I've tried editing the code and making changes with no success. > > Here is our function code: > -------------------------------------------------------------------------------------------------------------- > function GHAuthenticate($linktext='', $next='') { > // If there is no AuthSub session or one-time token waiting for > us, > // redirect the user to the AuthSub server to get one. > if (!isset($_SESSION['GHAuthSubToken']) && !isset($_GET['token'])) > { > if (! $next) { > //LIVE NEXT VAR > //$next = getCurrentUrl(); > > //DEVELOPMENT NEXT VAR > $next = 'http://localhost'; > } > if (! $linktext) { > $linktext = 'click here'; > } > //DEVELOPMENT SCOPE > $scope = 'https://www.google.com/h9/feeds'; > > //PRODUCTION SCOPE > //$scope = 'https://www.google.com/health/feeds'; > > $secure = 0; > $session = 1; > $permission = 1; > $authSubURL = Zend_Gdata_AuthSub::getAuthSubTokenUri($next, > $scope, > $secure, > $session); > > //COMMENT OUT FOR PRODUCTION > $authSubURL = str_replace('/accounts/AuthSubRequest', '/h9/ > authsub', > $authSubURL . '&permission=' . > $permission); > > // Could be replaced with a redirect... > echo '<h3 id="google-signup">We apologize for the > inconvenience, but you must first signup for a Google Health account > or link your current Google Health to your PassportMD account before > using this service. Please <a href="' . $authSubURL . '">' . > $linktext . '</a> to do so now.</h3>'; > > return; > } > > // Convert an AuthSub one-time token into a session token if > needed > if (!isset($_SESSION['GHAuthSubToken']) && isset($_GET['token'])) > { > $client = new Zend_Gdata_HttpClient(); > // This sets your private key to be used to sign subsequent > requests > > $client->setAuthSubPrivateKeyFile('/var/www/vhosts/passportmd.com/ > httpdocs/devteam/app/interfaces/front/secure/secure_inc/getreal_lib/ > myrsakey.pem', null, true); > $sessionToken = > Zend_Gdata_AuthSub::getAuthSubSessionToken($_GET['token'], $client); > // Set the long-lived session token for subsequent requests > //$client->setAuthSubToken($sessionToken); > //$_SESSION['GHAuthSubToken'] = > Zend_Gdata_AuthSub::getAuthSubSessionToken($_GET['token']); > //return $client; > $_SESSION['GHAuthSubToken'] = $sessionToken; > //$_SESSION['GHAuthSubToken'] = > $client->setAuthSubToken($sessionToken); > > //$_SESSION['GHAuthSubToken'] = > Zend_Gdata_AuthSub::getAuthSubSessionToken($_GET['token']); > } > > return > Zend_Gdata_AuthSub::getHttpClient($_SESSION['GHAuthSubToken']);} > > -------------------------------------------------------------------------------------------------------------- > > Here is the full error message: > ------------------------------------------------------------------------------------------------------------ > Fatal error: Uncaught exception 'Zend_Gdata_App_AuthException' with > message 'Token upgrade failed. Reason: <HTML> <HEAD> <TITLE>Invalid > AuthSub token.</TITLE> </HEAD> <BODY BGCOLOR="#FFFFFF" TEXT="#000000"> > <H1>Invalid AuthSub token.</H1> <H2>Error 403</H2> </BODY> </HTML> ' > in /var/www/vhosts/passportmd.com/httpdocs/devteam/app/interfaces/ > front/secure/secure_inc/getreal_lib/Zend/Zend/Gdata/AuthSub.php:135 > Stack trace: #0 /var/www/vhosts/passportmd.com/httpdocs/devteam/app/ > interfaces/front/secure/secure_inc/getreal_lib/pmdgh.php(86): > Zend_Gdata_AuthSub::getAuthSubSessionToken('1/6oCp_fTfrVj9N...', > Object(Zend_Gdata_HttpClient)) #1 /var/www/vhosts/passportmd.com/ > httpdocs/devteam/app/interfaces/front/secure/healthbio/sync/sync- > google.php(69): GHAuthenticate() #2 {main} thrown in /var/www/vhosts/ > passportmd.com/httpdocs/devteam/app/interfaces/front/secure/secure_inc/ > getreal_lib/Zend/Zend/Gdata/AuthSub.php on line 135 > ------------------------------------------------------------------------------------------------------------- --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Health Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/googlehealthdevelopers?hl=en -~----------~----~----~----~------~----~------~--~---
