On Sep 22, 9:57 pm, Ralph <[EMAIL PROTECTED]> wrote:
> Eric,
>
> You were correct. Thanks for the help!
>
> I am, however, confused in how to test signed requests. I have already
> registered our domain athttps://www.google.com/accounts/ManageDomains
> and it is active. As far as I understand it, in order to become
> registered for production, we need to fill out the form
> athttp://services.google.com/events/googhealthservices. But that form
> asks you to verify that our application works with signed requests.
> How can I verify this if we can't send signed requests on localhost
> for our development environment and if we can't get past the
> unregistered domain message on our production environment? Is there an
> approved domain we can use with our development environment to test?
Can you use the domain that's already registered?
Most users setup a test domain on their internal network
(i.e. something like dev.yourdomain.com). Those domains are often
behind firewalls and Google isn't able to activate them for
ManageDomains.
If that's the case, I can verify them manually.
Whatever you choose, just make sure the (sub)domain is also
registered
with Google Health: http://services.google.com/events/googhealthdevelopers,
otherwise "Invalid usage" will show its ugly face.
Eric
>
> Thanks again.
>
> On Sep 22, 5:07 pm, "Eric (Google)" <[EMAIL PROTECTED]> wrote:
>
> > I think the problem is that you're still usinghttp://localhostasyour next
> > url ($next = 'http://localhost';)
>
> > $next needs to be set to your registered domain.
> > localhost won't work with signed requests.
> > Should you uncomment $next = getCurrentUrl();?
>
> > Your AuthSub link will look something
> > like:https://www.google.com/h9/authsub?next=http://www.yourtestdomain.com/...
>
> > Note: This link will give an "Invalidusage" error
> > becausewww.yourtestdomain.comisn'tregistered with Health.
>
> > Eric
>
> > On Sep 22, 11:32 am, Ralph <[EMAIL PROTECTED]> wrote:
>
> > > Eric,
>
> > > I implemented the non-client library version you sent me above, I
> > > stopped from getting the error message! However, now I can not
> > > actually send data to and from my tester account on h9. No error
> > > messages are thrown, but the data never shows up in the account. If I
> > > take out the non-client version and use "$_SESSION['GHAuthSubToken'] =
> > > Zend_Gdata_AuthSub::getAuthSubSessionToken($_GET['token']);" and set
> > > secure = 0, it goes back to working.
>
> > > I am calling the non-client version to set the session token with
> > > "$_SESSION['GHAuthSubToken'] = signedGET('https://www.google.com/h9/
> > > authsub', $_GET['token']);" and the data won't go through. I've also
> > > tried $_SESSION['GHAuthSubToken'] = signedGET('https://www.google.com/
> > > accounts/AuthSubSessionToken, $_GET['token']); with the same results.
>
> > > Am I calling this incorrectly or is it impossible to send secure,
> > > signed requests to h9?
>
> > > Thanks for the help!
>
> > > On Sep 22, 11:59 am, Ralph <[EMAIL PROTECTED]> wrote:
>
> > > > I can get the myrsakey.pem to display on my browser. When I make it so
> > > > it can not be found, I get just a white screen. Is there a way for me
> > > > to check that the key and certificate definitely match?
>
> > > > The full $authSubURL comes out
> > > > ashttps://www.google.com/h9/authsub?next=http%3A%2F%2Flocalhost&scope=h....
> > > > The code to generate it is:
>
> > > > ------------------------------------------------------------------------
> > > > function GHAuthenticate($linktext='', $next='') {
> > > > // If there is no AuthSub session or one-timetokenwaiting for
> > > > us,
> > > > // redirect the user to the AuthSub server to get one.
> > > > if (!isset($_SESSION['GHAuthSubToken']) && !isset($_GET['token']))
> > > > {
> > > > if (! $next) {
> > > > //LIVE NEXT VAR
> > > > //$next = getCurrentUrl();
>
> > > > //DEVELOPMENT NEXT VAR
> > > > $next = 'http://localhost';
> > > > }
> > > > if (! $linktext) {
> > > > $linktext = 'click here';
> > > > }
> > > > //DEVELOPMENT SCOPE
> > > > $scope = 'https://www.google.com/h9/feeds';
>
> > > > //PRODUCTION SCOPE
> > > > //$scope = 'https://www.google.com/health/feeds';
>
> > > > $secure = 1;
> > > > $session = 1;
> > > > $permission = 1;
> > > > $authSubURL = Zend_Gdata_AuthSub::getAuthSubTokenUri($next,
> > > > $scope,
> > > > $secure,
> > > > $session);
>
> > > > //COMMENT OUT FOR PRODUCTION
> > > > $authSubURL = str_replace('/accounts/AuthSubRequest',
> > > > '/h9/
> > > > authsub',
> > > > $authSubURL . '&permission=' .
> > > > $permission);
>
> > > > // Could be replaced with a redirect...
> > > > echo '<h3 id="google-signup">We apologize for the
> > > > inconvenience, but you must first signup for a Google Health account
> > > > or link your current Google Health to your PassportMD account before
> > > > using this service. Please <a href="' . $authSubURL . '">' .
> > > > $linktext . '</a> to do so now.</h3>';
>
> > > > return;
> > > > }
>
> > > > // Convert an AuthSub one-timetokeninto a sessiontokenif
> > > > needed
> > > > if (!isset($_SESSION['GHAuthSubToken']) && isset($_GET['token']))
> > > > {
> > > > $client = new Zend_Gdata_HttpClient();
> > > > // This sets your private key to be used to sign
> > > > subsequent
> > > > requests
> > > >
> > > > $client->setAuthSubPrivateKeyFile('/var/www/vhosts/passportmd.com/
> > > > httpdocs/devteam/app/interfaces/front/secure/secure_inc/getreal_lib/
> > > > myrsakey.pem', null, true);
> > > > $sessionToken =
> > > > Zend_Gdata_AuthSub::getAuthSubSessionToken($_GET['token'], $client);
> > > > // Set the long-lived sessiontokenfor subsequent
> > > > requests
> > > > //$client->setAuthSubToken($sessionToken);
> > > > //$_SESSION['GHAuthSubToken'] =
> > > > Zend_Gdata_AuthSub::getAuthSubSessionToken($_GET['token']);
> > > > //return $client;
> > > > $_SESSION['GHAuthSubToken'] = $sessionToken;
> > > > //$_SESSION['GHAuthSubToken'] =
> > > > $client->setAuthSubToken($sessionToken);
>
> > > > //$_SESSION['GHAuthSubToken'] =
> > > > Zend_Gdata_AuthSub::getAuthSubSessionToken($_GET['token']);
> > > > }
>
> > > > return
> > > > Zend_Gdata_AuthSub::getHttpClient($_SESSION['GHAuthSubToken']);}
>
> > > > -----------------------------------------------------------------------------------------------
>
> > > > I am going through the non-client library now.
>
> > > > Thanks again for all this help!
>
> > > > On Sep 21, 1:08 am, "Eric (Google)" <[EMAIL PROTECTED]> wrote:
>
> > > > > If yourtokenupgrade was working before, I suspect it's a problem
> > > > > with the data signing. Can you do the following
> > > > > as a sanity check:
>
> > > > > - Make sure myrsakey.pem is readable by your web server
> > > > > and actually being read.
>
> > > > > - Post the full $authSubURL so I can take a look.
>
> > > > > - Try this non-client library version to see if it
> > > > > works:http://gdatatips.blogspot.com/2008/07/secure-authsub-in-php.html
>
> > > > > Eric
>
> > > > > On Sep 20, 2:02 pm, Ralph <[EMAIL PROTECTED]> wrote:
>
> > > > > > Hi, Eric,
>
> > > > > > 1. Yes we're registered with Google Health
> > > > > > 2. Sorry for that, I was forcing secure =1 in the URL while I was
> > > > > > testing so we could still demo the application on localhost with
> > > > > > $secure=0.
>
> > > > > > We're still getting the sameerror.
>
> > > > > > Thanks,
>
> > > > > > Ralph
>
> > > > > > On Sep 19, 6:11 pm, "Eric (Google)" <[EMAIL PROTECTED]> wrote:
>
> > > > > > > Hi Ralph,
>
> > > > > > > I noticed a couple of things:
>
> > > > > > > 1.) Have you registered your domain(s) with Google Health?
> > > > > > > Signed requests won't work from localhost. Please
> > > > > > > visithttp://services.google.com/events/googhealthdevelopers
>
> > > > > > > 2.) I noticed your snippet had $secure = 0. Make sure it's
> > > > > > > $secure=1 when you switch back to signed requests.
>
> > > > > > > Cheers,
> > > > > > > eric
>
> > > > > > > On Sep 19, 2:40 pm, Ralph <[EMAIL PROTECTED]> wrote:
>
> > > > > > > > Hello,
>
> > > > > > > > I keep getting a403InvalidTokenerrorwhen trying to set secure =
> > > > > > > > 1. We need to test the secure tokens for the production
> > > > > > > > environment.
> > > > > > > > Our code works with secure = 0 and we've uploaded the x.509
> > > > > > > > cert to
> > > > > > > > our Manage Domains section and you can see where we invoke it
> > > > > > > > below
> > > > > > > > with the setAuthSubPrivateKeyFile() function.
>
> > > > > > > > I've tried editing the code and making changes with no success.
>
> > > > > > > > Here is our function code:
> > > > > > > > ---------------------------------------------------------------------------
> > > > > > > > -----------------------------------
> > > > > > > > function GHAuthenticate($linktext='', $next='') {
> > > > > > > > // If there is no AuthSub session or one-timetokenwaiting
> > > > > > > > for
> > > > > > > > us,
> > > > > > > > // redirect the user to the AuthSub server to get one.
> > > > > > > > if (!isset($_SESSION['GHAuthSubToken']) &&
> > > > > > > > !isset($_GET['token']))
> > > > > > > > {
> > > > > > > > if (! $next) {
> > > > > > > > //LIVE NEXT VAR
> > > > > > > > //$next = getCurrentUrl();
>
> > > > > > > > //DEVELOPMENT NEXT VAR
> > > > > > > > $next = 'http://localhost';
> > > > > > > > }
> > > > > > > > if (! $linktext) {
> > > > > > > > $linktext = 'click here';
> > > > > > > > }
> > > > > > > > //DEVELOPMENT SCOPE
> > > > > > > > $scope = 'https://www.google.com/h9/feeds';
>
> > > > > > > > //PRODUCTION SCOPE
> > > > > > > > //$scope =
> > > > > > > > 'https://www.google.com/health/feeds';
>
> > > > > > > > $secure = 0;
> > > > > > > > $session = 1;
> > > > > > > > $permission = 1;
> > > > > > > > $authSubURL =
> > > > > > > > Zend_Gdata_AuthSub::getAuthSubTokenUri($next,
> > > > > > > > $scope,
> > > > > > > >
> > > > > > > > $secure,
> > > > > > > > $session);
>
> > > > > > > > //COMMENT OUT FOR PRODUCTION
> > > > > > > > $authSubURL =
>
> ...
>
> read more »
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Google Health Developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/googlehealthdevelopers?hl=en
-~----------~----~----~----~------~----~------~--~---
