I think the problem is that you're still using http://localhost as your next url ($next = 'http://localhost';)
$next needs to be set to your registered domain. localhost won't work with signed requests. Should you uncomment $next = getCurrentUrl();? Your AuthSub link will look something like: https://www.google.com/h9/authsub?next=http://www.yourtestdomain.com/backfromhealth.php&scope=https://www.google.com/h9/feeds&secure=1&session=1&permission=1 Note: This link will give an "Invalid usage" error because www.yourtestdomain.com isn't registered with Health. Eric On Sep 22, 11:32 am, Ralph <[EMAIL PROTECTED]> wrote: > Eric, > > I implemented the non-client library version you sent me above, I > stopped from getting the error message! However, now I can not > actually send data to and from my tester account on h9. No error > messages are thrown, but the data never shows up in the account. If I > take out the non-client version and use "$_SESSION['GHAuthSubToken'] = > Zend_Gdata_AuthSub::getAuthSubSessionToken($_GET['token']);" and set > secure = 0, it goes back to working. > > I am calling the non-client version to set the session token with > "$_SESSION['GHAuthSubToken'] = signedGET('https://www.google.com/h9/ > authsub', $_GET['token']);" and the data won't go through. I've also > tried $_SESSION['GHAuthSubToken'] = signedGET('https://www.google.com/ > accounts/AuthSubSessionToken, $_GET['token']); with the same results. > > Am I calling this incorrectly or is it impossible to send secure, > signed requests to h9? > > Thanks for the help! > > On Sep 22, 11:59 am, Ralph <[EMAIL PROTECTED]> wrote: > > > I can get the myrsakey.pem to display on my browser. When I make it so > > it can not be found, I get just a white screen. Is there a way for me > > to check that the key and certificate definitely match? > > > The full $authSubURL comes out > > ashttps://www.google.com/h9/authsub?next=http%3A%2F%2Flocalhost&scope=h.... > > The code to generate it is: > > > ------------------------------------------------------------------------ > > function GHAuthenticate($linktext='', $next='') { > > // If there is no AuthSub session or one-timetokenwaiting for > > us, > > // redirect the user to the AuthSub server to get one. > > if (!isset($_SESSION['GHAuthSubToken']) && !isset($_GET['token'])) > > { > > if (! $next) { > > //LIVE NEXT VAR > > //$next = getCurrentUrl(); > > > //DEVELOPMENT NEXT VAR > > $next = 'http://localhost'; > > } > > if (! $linktext) { > > $linktext = 'click here'; > > } > > //DEVELOPMENT SCOPE > > $scope = 'https://www.google.com/h9/feeds'; > > > //PRODUCTION SCOPE > > //$scope = 'https://www.google.com/health/feeds'; > > > $secure = 1; > > $session = 1; > > $permission = 1; > > $authSubURL = Zend_Gdata_AuthSub::getAuthSubTokenUri($next, > > $scope, > > $secure, > > $session); > > > //COMMENT OUT FOR PRODUCTION > > $authSubURL = str_replace('/accounts/AuthSubRequest', '/h9/ > > authsub', > > $authSubURL . '&permission=' . > > $permission); > > > // Could be replaced with a redirect... > > echo '<h3 id="google-signup">We apologize for the > > inconvenience, but you must first signup for a Google Health account > > or link your current Google Health to your PassportMD account before > > using this service. Please <a href="' . $authSubURL . '">' . > > $linktext . '</a> to do so now.</h3>'; > > > return; > > } > > > // Convert an AuthSub one-timetokeninto a sessiontokenif > > needed > > if (!isset($_SESSION['GHAuthSubToken']) && isset($_GET['token'])) > > { > > $client = new Zend_Gdata_HttpClient(); > > // This sets your private key to be used to sign subsequent > > requests > > > > $client->setAuthSubPrivateKeyFile('/var/www/vhosts/passportmd.com/ > > httpdocs/devteam/app/interfaces/front/secure/secure_inc/getreal_lib/ > > myrsakey.pem', null, true); > > $sessionToken = > > Zend_Gdata_AuthSub::getAuthSubSessionToken($_GET['token'], $client); > > // Set the long-lived sessiontokenfor subsequent requests > > //$client->setAuthSubToken($sessionToken); > > //$_SESSION['GHAuthSubToken'] = > > Zend_Gdata_AuthSub::getAuthSubSessionToken($_GET['token']); > > //return $client; > > $_SESSION['GHAuthSubToken'] = $sessionToken; > > //$_SESSION['GHAuthSubToken'] = > > $client->setAuthSubToken($sessionToken); > > > //$_SESSION['GHAuthSubToken'] = > > Zend_Gdata_AuthSub::getAuthSubSessionToken($_GET['token']); > > } > > > return > > Zend_Gdata_AuthSub::getHttpClient($_SESSION['GHAuthSubToken']);} > > > ----------------------------------------------------------------------------------------------- > > > I am going through the non-client library now. > > > Thanks again for all this help! > > > On Sep 21, 1:08 am, "Eric (Google)" <[EMAIL PROTECTED]> wrote: > > > > If yourtokenupgrade was working before, I suspect it's a problem > > > with the data signing. Can you do the following > > > as a sanity check: > > > > - Make sure myrsakey.pem is readable by your web server > > > and actually being read. > > > > - Post the full $authSubURL so I can take a look. > > > > - Try this non-client library version to see if it > > > works:http://gdatatips.blogspot.com/2008/07/secure-authsub-in-php.html > > > > Eric > > > > On Sep 20, 2:02 pm, Ralph <[EMAIL PROTECTED]> wrote: > > > > > Hi, Eric, > > > > > 1. Yes we're registered with Google Health > > > > 2. Sorry for that, I was forcing secure =1 in the URL while I was > > > > testing so we could still demo the application on localhost with > > > > $secure=0. > > > > > We're still getting the sameerror. > > > > > Thanks, > > > > > Ralph > > > > > On Sep 19, 6:11 pm, "Eric (Google)" <[EMAIL PROTECTED]> wrote: > > > > > > Hi Ralph, > > > > > > I noticed a couple of things: > > > > > > 1.) Have you registered your domain(s) with Google Health? > > > > > Signed requests won't work from localhost. Please > > > > > visithttp://services.google.com/events/googhealthdevelopers > > > > > > 2.) I noticed your snippet had $secure = 0. Make sure it's > > > > > $secure=1 when you switch back to signed requests. > > > > > > Cheers, > > > > > eric > > > > > > On Sep 19, 2:40 pm, Ralph <[EMAIL PROTECTED]> wrote: > > > > > > > Hello, > > > > > > > I keep getting a403InvalidTokenerrorwhen trying to set secure = > > > > > > 1. We need to test the secure tokens for the production environment. > > > > > > Our code works with secure = 0 and we've uploaded the x.509 cert to > > > > > > our Manage Domains section and you can see where we invoke it below > > > > > > with the setAuthSubPrivateKeyFile() function. > > > > > > > I've tried editing the code and making changes with no success. > > > > > > > Here is our function code: > > > > > > --------------------------------------------------------------------------- > > > > > > ----------------------------------- > > > > > > function GHAuthenticate($linktext='', $next='') { > > > > > > // If there is no AuthSub session or one-timetokenwaiting for > > > > > > us, > > > > > > // redirect the user to the AuthSub server to get one. > > > > > > if (!isset($_SESSION['GHAuthSubToken']) && > > > > > > !isset($_GET['token'])) > > > > > > { > > > > > > if (! $next) { > > > > > > //LIVE NEXT VAR > > > > > > //$next = getCurrentUrl(); > > > > > > > //DEVELOPMENT NEXT VAR > > > > > > $next = 'http://localhost'; > > > > > > } > > > > > > if (! $linktext) { > > > > > > $linktext = 'click here'; > > > > > > } > > > > > > //DEVELOPMENT SCOPE > > > > > > $scope = 'https://www.google.com/h9/feeds'; > > > > > > > //PRODUCTION SCOPE > > > > > > //$scope = 'https://www.google.com/health/feeds'; > > > > > > > $secure = 0; > > > > > > $session = 1; > > > > > > $permission = 1; > > > > > > $authSubURL = Zend_Gdata_AuthSub::getAuthSubTokenUri($next, > > > > > > $scope, > > > > > > $secure, > > > > > > $session); > > > > > > > //COMMENT OUT FOR PRODUCTION > > > > > > $authSubURL = > > > > > > str_replace('/accounts/AuthSubRequest', '/h9/ > > > > > > authsub', > > > > > > $authSubURL . '&permission=' . > > > > > > $permission); > > > > > > > // Could be replaced with a redirect... > > > > > > echo '<h3 id="google-signup">We apologize for the > > > > > > inconvenience, but you must first signup for a Google Health account > > > > > > or link your current Google Health to your PassportMD account before > > > > > > using this service. Please <a href="' . $authSubURL . '">' . > > > > > > $linktext . '</a> to do so now.</h3>'; > > > > > > > return; > > > > > > } > > > > > > > // Convert an AuthSub one-timetokeninto a sessiontokenif > > > > > > needed > > > > > > if (!isset($_SESSION['GHAuthSubToken']) && > > > > > > isset($_GET['token'])) > > > > > > { > > > > > > $client = new Zend_Gdata_HttpClient(); > > > > > > // This sets your private key to be used to sign > > > > > > subsequent > > > > > > requests > > > > > > > > > > > > $client->setAuthSubPrivateKeyFile('/var/www/vhosts/passportmd.com/ > > > > > > httpdocs/devteam/app/interfaces/front/secure/secure_inc/getreal_lib/ > > > > > > myrsakey.pem', null, true); > > > > > > $sessionToken = > > > > > > Zend_Gdata_AuthSub::getAuthSubSessionToken($_GET['token'], $client); > > > > > > // Set the long-lived sessiontokenfor subsequent > > > > > > requests > > > > > > //$client->setAuthSubToken($sessionToken); > > > > > > //$_SESSION['GHAuthSubToken'] = > > > > > > Zend_Gdata_AuthSub::getAuthSubSessionToken($_GET['token']); > > > > > > //return $client; > > > > > > $_SESSION['GHAuthSubToken'] = $sessionToken; > > > > > > //$_SESSION['GHAuthSubToken'] = > > > > > > $client->setAuthSubToken($sessionToken); > > > > > > > //$_SESSION['GHAuthSubToken'] = > > > > > > Zend_Gdata_AuthSub::getAuthSubSessionToken($_GET['token']); > > > > > > } > > > > > > > return > > ... > > read more » --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Health Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/googlehealthdevelopers?hl=en -~----------~----~----~----~------~----~------~--~---
