I can get the myrsakey.pem to display on my browser. When I make it so it can not be found, I get just a white screen. Is there a way for me to check that the key and certificate definitely match?
The full $authSubURL comes out as https://www.google.com/h9/authsub?next=http%3A%2F%2Flocalhost&scope=https://www.google.com/h9/feeds&secure=1&session=1&permission=1. The code to generate it is: ------------------------------------------------------------------------ function GHAuthenticate($linktext='', $next='') { // If there is no AuthSub session or one-time token waiting for us, // redirect the user to the AuthSub server to get one. if (!isset($_SESSION['GHAuthSubToken']) && !isset($_GET['token'])) { if (! $next) { //LIVE NEXT VAR //$next = getCurrentUrl(); //DEVELOPMENT NEXT VAR $next = 'http://localhost'; } if (! $linktext) { $linktext = 'click here'; } //DEVELOPMENT SCOPE $scope = 'https://www.google.com/h9/feeds'; //PRODUCTION SCOPE //$scope = 'https://www.google.com/health/feeds'; $secure = 1; $session = 1; $permission = 1; $authSubURL = Zend_Gdata_AuthSub::getAuthSubTokenUri($next, $scope, $secure, $session); //COMMENT OUT FOR PRODUCTION $authSubURL = str_replace('/accounts/AuthSubRequest', '/h9/ authsub', $authSubURL . '&permission=' . $permission); // Could be replaced with a redirect... echo '<h3 id="google-signup">We apologize for the inconvenience, but you must first signup for a Google Health account or link your current Google Health to your PassportMD account before using this service. Please <a href="' . $authSubURL . '">' . $linktext . '</a> to do so now.</h3>'; return; } // Convert an AuthSub one-time token into a session token if needed if (!isset($_SESSION['GHAuthSubToken']) && isset($_GET['token'])) { $client = new Zend_Gdata_HttpClient(); // This sets your private key to be used to sign subsequent requests $client->setAuthSubPrivateKeyFile('/var/www/vhosts/passportmd.com/ httpdocs/devteam/app/interfaces/front/secure/secure_inc/getreal_lib/ myrsakey.pem', null, true); $sessionToken = Zend_Gdata_AuthSub::getAuthSubSessionToken($_GET['token'], $client); // Set the long-lived session token for subsequent requests //$client->setAuthSubToken($sessionToken); //$_SESSION['GHAuthSubToken'] = Zend_Gdata_AuthSub::getAuthSubSessionToken($_GET['token']); //return $client; $_SESSION['GHAuthSubToken'] = $sessionToken; //$_SESSION['GHAuthSubToken'] = $client- >setAuthSubToken($sessionToken); //$_SESSION['GHAuthSubToken'] = Zend_Gdata_AuthSub::getAuthSubSessionToken($_GET['token']); } return Zend_Gdata_AuthSub::getHttpClient($_SESSION['GHAuthSubToken']); } ----------------------------------------------------------------------------------------------- I am going through the non-client library now. Thanks again for all this help! On Sep 21, 1:08 am, "Eric (Google)" <[EMAIL PROTECTED]> wrote: > If yourtokenupgrade was working before, I suspect it's a problem > with the data signing. Can you do the following > as a sanity check: > > - Make sure myrsakey.pem is readable by your web server > and actually being read. > > - Post the full $authSubURL so I can take a look. > > - Try this non-client library version to see if it > works:http://gdatatips.blogspot.com/2008/07/secure-authsub-in-php.html > > Eric > > On Sep 20, 2:02 pm, Ralph <[EMAIL PROTECTED]> wrote: > > > Hi, Eric, > > > 1. Yes we're registered with Google Health > > 2. Sorry for that, I was forcing secure =1 in the URL while I was > > testing so we could still demo the application on localhost with > > $secure=0. > > > We're still getting the sameerror. > > > Thanks, > > > Ralph > > > On Sep 19, 6:11 pm, "Eric (Google)" <[EMAIL PROTECTED]> wrote: > > > > Hi Ralph, > > > > I noticed a couple of things: > > > > 1.) Have you registered your domain(s) with Google Health? > > > Signed requests won't work from localhost. Please > > > visithttp://services.google.com/events/googhealthdevelopers > > > > 2.) I noticed your snippet had $secure = 0. Make sure it's > > > $secure=1 when you switch back to signed requests. > > > > Cheers, > > > eric > > > > On Sep 19, 2:40 pm, Ralph <[EMAIL PROTECTED]> wrote: > > > > > Hello, > > > > > I keep getting a403InvalidTokenerrorwhen trying to set secure = > > > > 1. We need to test the secure tokens for the production environment. > > > > Our code works with secure = 0 and we've uploaded the x.509 cert to > > > > our Manage Domains section and you can see where we invoke it below > > > > with the setAuthSubPrivateKeyFile() function. > > > > > I've tried editing the code and making changes with no success. > > > > > Here is our function code: > > > > --------------------------------------------------------------------------- > > > > ----------------------------------- > > > > function GHAuthenticate($linktext='', $next='') { > > > > // If there is no AuthSub session or one-timetokenwaiting for > > > > us, > > > > // redirect the user to the AuthSub server to get one. > > > > if (!isset($_SESSION['GHAuthSubToken']) && !isset($_GET['token'])) > > > > { > > > > if (! $next) { > > > > //LIVE NEXT VAR > > > > //$next = getCurrentUrl(); > > > > > //DEVELOPMENT NEXT VAR > > > > $next = 'http://localhost'; > > > > } > > > > if (! $linktext) { > > > > $linktext = 'click here'; > > > > } > > > > //DEVELOPMENT SCOPE > > > > $scope = 'https://www.google.com/h9/feeds'; > > > > > //PRODUCTION SCOPE > > > > //$scope = 'https://www.google.com/health/feeds'; > > > > > $secure = 0; > > > > $session = 1; > > > > $permission = 1; > > > > $authSubURL = Zend_Gdata_AuthSub::getAuthSubTokenUri($next, > > > > $scope, > > > > $secure, > > > > $session); > > > > > //COMMENT OUT FOR PRODUCTION > > > > $authSubURL = str_replace('/accounts/AuthSubRequest', > > > > '/h9/ > > > > authsub', > > > > $authSubURL . '&permission=' . > > > > $permission); > > > > > // Could be replaced with a redirect... > > > > echo '<h3 id="google-signup">We apologize for the > > > > inconvenience, but you must first signup for a Google Health account > > > > or link your current Google Health to your PassportMD account before > > > > using this service. Please <a href="' . $authSubURL . '">' . > > > > $linktext . '</a> to do so now.</h3>'; > > > > > return; > > > > } > > > > > // Convert an AuthSub one-timetokeninto a sessiontokenif > > > > needed > > > > if (!isset($_SESSION['GHAuthSubToken']) && isset($_GET['token'])) > > > > { > > > > $client = new Zend_Gdata_HttpClient(); > > > > // This sets your private key to be used to sign > > > > subsequent > > > > requests > > > > > > > > $client->setAuthSubPrivateKeyFile('/var/www/vhosts/passportmd.com/ > > > > httpdocs/devteam/app/interfaces/front/secure/secure_inc/getreal_lib/ > > > > myrsakey.pem', null, true); > > > > $sessionToken = > > > > Zend_Gdata_AuthSub::getAuthSubSessionToken($_GET['token'], $client); > > > > // Set the long-lived sessiontokenfor subsequent > > > > requests > > > > //$client->setAuthSubToken($sessionToken); > > > > //$_SESSION['GHAuthSubToken'] = > > > > Zend_Gdata_AuthSub::getAuthSubSessionToken($_GET['token']); > > > > //return $client; > > > > $_SESSION['GHAuthSubToken'] = $sessionToken; > > > > //$_SESSION['GHAuthSubToken'] = > > > > $client->setAuthSubToken($sessionToken); > > > > > //$_SESSION['GHAuthSubToken'] = > > > > Zend_Gdata_AuthSub::getAuthSubSessionToken($_GET['token']); > > > > } > > > > > return > > > > Zend_Gdata_AuthSub::getHttpClient($_SESSION['GHAuthSubToken']);} > > > > > --------------------------------------------------------------------------- > > > > ----------------------------------- > > > > > Here is the fullerrormessage: > > > > --------------------------------------------------------------------------- > > > > --------------------------------- > > > > Fatalerror: Uncaught exception 'Zend_Gdata_App_AuthException' with > > > > message 'Tokenupgrade failed. Reason: <HTML> <HEAD> <TITLE>Invalid > > > > AuthSubtoken.</TITLE> </HEAD> <BODY BGCOLOR="#FFFFFF" TEXT="#000000"> > > > > <H1>InvalidAuthSubtoken.</H1> <H2>Error403</H2> </BODY> </HTML> ' > > > > in /var/www/vhosts/passportmd.com/httpdocs/devteam/app/interfaces/ > > > > front/secure/secure_inc/getreal_lib/Zend/Zend/Gdata/AuthSub.php:135 > > > > Stack trace: #0 /var/www/vhosts/passportmd.com/httpdocs/devteam/app/ > > > > interfaces/front/secure/secure_inc/getreal_lib/pmdgh.php(86): > > > > Zend_Gdata_AuthSub::getAuthSubSessionToken('1/6oCp_fTfrVj9N...', > > > > Object(Zend_Gdata_HttpClient)) #1 /var/www/vhosts/passportmd.com/ > > > > httpdocs/devteam/app/interfaces/front/secure/healthbio/sync/sync- > > > > google.php(69): GHAuthenticate() #2 {main} thrown in /var/www/vhosts/ > > > > passportmd.com/httpdocs/devteam/app/interfaces/front/secure/secure_inc/ > > > > getreal_lib/Zend/Zend/Gdata/AuthSub.php on line 135 > > > > --------------------------------------------------------------------------- > > > > ---------------------------------- --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Health Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/googlehealthdevelopers?hl=en -~----------~----~----~----~------~----~------~--~---
