It's probably also important to note that my access token was authorized for scope=https://www.google.com/h9/feeds/
Thanks again, Shawn On Oct 3, 12:11 pm, "Shawn Kessler" <[EMAIL PROTECTED]> wrote: > One difference I noticed is that I wasn't including the oauth_version in my > request. I've added that and have the same results. So now I have the > following request: > > https://www.google.com/h9/feeds/profile/default/-/medication?oauth_to... > > And my header is: > GET > /h9/feeds/profile/default/-/medication?oauth_token=1%252FtpyFG2wRxCue1KA8RmQTMQwS51WsrmNKmhHfTNxEWro&oauth_consumer_key=www.pharmasurveyor.com > &oauth_signature_method=RSA-SHA1&oauth_timestamp=1223060790&oauth_nonce=171594414794547&oauth_version=1.0&oauth_signature=qV1dkOSmzesJDe2CjITM9%2BzLH%2FLLbYkutNwT0BpVX%2BZfC7iljnFANyooi%2FIaKot5mYQNpPNVlexNKj4%2BNPurreaZ20BBA%2FzIZMXxRKPLMRGUr%2Fa2dxyHMRpEypTQ8WO8D%2FIal%2FHWQuZrxklBI7YeE7rPgTFiT97sAOOvsxUCTUM%3D > Authorization: OAuth > oauth_token="1%252FtpyFG2wRxCue1KA8RmQTMQwS51WsrmNKmhHfTNxEWro", > oauth_consumer_key="www.pharmasurveyor.com", > oauth_signature_method="RSA-SHA1", oauth_timestamp="1223060790", > oauth_nonce="171594414794547", oauth_version="1.0", > oauth_signature="qV1dkOSmzesJDe2CjITM9%2BzLH%2FLLbYkutNwT0BpVX%2BZfC7iljnFANyooi%2FIaKot5mYQNpPNVlexNKj4%2BNPurreaZ20BBA%2FzIZMXxRKPLMRGUr%2Fa2dxyHMRpEypTQ8WO8D%2FIal%2FHWQuZrxklBI7YeE7rPgTFiT97sAOOvsxUCTUM%3D" > User-Agent: Jakarta Commons-HttpClient/3.1 > Host:www.google.com > > to which Google is responding with: > HTTP/1.1 401 Token invalid - Invalid AuthSub token. > WWW-Authenticate: AuthSub > realm="http://www.google.com/accounts/AuthSubRequest"; > Content-Type: text/html; charset=UTF-8 > Date: Fri, 03 Oct 2008 19:07:44 GMT > Expires: Fri, 03 Oct 2008 19:07:44 GMT > Cache-Control: private, max-age=0 > Content-Length: 199 > Set-Cookie: S=weaver=7oYjORQ5cZc; Domain=.google.com; Path=/ > Server: GFE/1.3 > > Do I need to set the realm to something specific in my header to use OAuth? > I don't see that mentioned in the documentation anywhere but it still looks > like my request keeps getting handled by the AuthSub request handler instead > of the OAuth request handler. > > Thanks again for any help. > > Shawn > > > > On Fri, Oct 3, 2008 at 9:30 AM, Shawn Kessler <[EMAIL PROTECTED]> wrote: > > Thanks for the help Erick. This project had been put on hold but I'm back > > to it now. I successfully registered the domain with h9 and can now get an > > OAuth Access token. However I haven't been able to successfully request any > > data with that token so I'm back looking for more help. I go through the > > token exchange process and this is the final response I get from h9 (during > > token exchange): > > > oauth_token=1%2FtpyFG2wRxCue1KA8RmQTMQwS51WsrmNKmhHfTNxEWro&oauth_token_secret=BJzcOyqnDYQNK%2BqhKySzGHga > > > At this point I look in my h9 test user profile and see that my account has > > been successfully linked. > > > Now when I create a request for data like so: > > >https://www.google.com/h9/feeds/profile/default/-/medication?oauth_to... > > > h9 responds with: > > HTTP/1.1 401 Token invalid - Invalid AuthSub token. > > WWW-Authenticate: AuthSub realm=" > >http://www.google.com/accounts/AuthSubRequest"; > > Content-Type: text/html; charset=UTF-8 > > Date: Fri, 03 Oct 2008 16:10:19 GMT > > Expires: Fri, 03 Oct 2008 16:10:19 GMT > > Cache-Control: private, max-age=0 > > Content-Length: 199 > > Set-Cookie: S=weaver=7OP11q2-f5c; Domain=.google.com; Path=/ > > Server: GFE/1.3 > > > What's not 100% clear to me is if Google fully supports OAuth (from token > > creation all the way through making requests for data) or if I can only use > > the OAuth implementation to get the token but then have to revert to AuthSub > > style requests for data (with the token I got via OAuth). > > > I'm not sure what else to do, the code I'm using has worked successfully > > with another OAuth provider and I don't appear to have any way from my test > > user account to see what value Google has for my token (would this be a > > useful debugging capability in h9?). Should I be using a different URL when > > requesting data via OAuth; the error message makes it sound like Google is > > expecting the parameters to be formatted in a manner that AuthSub > > understands which may not be the same as how OAuth wants them formattted. > > Any help or suggestions here would be greatly appreciated. > > > Shawn > > > On Mon, Aug 25, 2008 at 1:33 PM, Eric (Google) <[EMAIL PROTECTED]>wrote: > > >> Hi Shawn, > > >> Great questions. We currently don't have OAuth documented > >> for the Health API, so I'll try and answer your questions here. > > >> On Aug 25, 10:34 am, Shawn Kessler <[EMAIL PROTECTED]> wrote: > >> > Hello, > > >> > I'm currently trying to use the OAuth authentication with Google > >> > Health. I've done steps one through three that Jerry posted (http:// > >> > groups.google.com/group/googlehealthdevelopers/browse_thread/thread/ > >> > aa2482e8c76a84a7) but step > >> > four has stumped me. All of the documentation I can find on how to use > >> > h9 seems to only directly apply to the SubAuth authentication with > >> > little notes about OAuth intermixed (notes like: "you can also use > >> > OAuth," which aren't incredibly helpful.) Is there some documentation > >> > that gives step by step instructions on how to use h9 in conjunction > >> > with OAuth? If not, perhaps my question can be answered here. As of > >> > right now I have two domains registered on the "regular" Google site. > >> > The domains are registered, verified and my certificate has been > >> > uploaded. I have a Java app running in Tomcat that is making a > >> > successful request tohttps:// > >>www.google.com/accounts/OAuthGetRequestToken?... > >> > scope=http%3A%2F%2Fwww.google.com%2Fh9%2Ffeeds%2Fprofile%2Fdefault > > >> You should use a broader scope, and for HTTPS: > >>https://www.google.com/h9/feeds/ > > >> For example, if you usehttps://www.google.com/h9/feeds/profile/default, > >> your application won't be able to POST notices at > >>https://www.google.com/h9/feeds/register/default > > >> > This request is returning successfully and eventually I'm redirected > >> > to the weaver login page. When I login (with the account that has been > >> > approved for testing) the browser displays an error page that says: > > >> > Error > >> > Invalid Usage > >> > Sharing denied: unregistered provider domain:www.mydomain.com > > >> > I'm assuming the problem is that my domain isn't registered on weaver, > >> > only on the real site. So two questions. 1) When testing on h9 should > >> > I be using this URL: > >>https://www.google.com/accounts/OAuthGetRequestToken > >> > or should I be using something more likehttps:// > >>www.google.com/h9/accounts/OAuthGetRequestToken > >> > and 2) where do I register my domains so that they work on weaver or > >> > do I have to usehttp://localhost?IfI have to use localhost then I > >> > have a bunch of other questions but I'll wait for your initial answers > >> > before going there. > > >> 1.) You should use https://www.google.com/accounts/OAuthGetRequestToken, > >> OAuthAuthorizeToken, and OAuthGetAccessToken for the token endpoints. > >> You'll automatically be redirected from OAuthAuthorizeToken to > >> Health's > >> special oauth handler > >> athttps://www.google.com/(h9|health)/oauth<https://www.google.com/%28h9%7Chealth%29/oauth> > > >> 2.) The Health API has an additional registration process. > >> Send an email to [EMAIL PROTECTED] and include a list of > >> the subdomains you plan to use. > > >> > For the sake of testing my own theory I changed my code to use the > >> > real google health feed instead: > >>https://www.google.com/accounts/OAuthGetRequestToken?... > >> > scope=http%3A%2F%2Fwww.google.com%2Fhealth%2Ffeeds%2Fprofile%2Fdefault > > >> > This resulted in the exact same behavior (Invalid Usage error). > > >> > I double checked my domains and they are registered with enhanced > >> > security and I followed the steps here: > >>http://code.google.com/apis/accounts/docs/RegistrationForWebAppsAuto.... > >> > including step 5 (Test your registration status.), which succeeded. > > >> You have to be white-listed for API calls to /health, so only use /h9 > >> URIs for now. > > >> > If I change my oauth_consumer_key value fromwww.mydomain.comtoa bad > >> > domain namewww.baddomain.comthenI never reach the login page (I get > >> > a bad oauth_consumer_key error before even getting the chance to > >> > login). So I feel confident that the authentication process is > >> > recognizing my domain but for some reason the domain isn't fully > >> > registered to be used with Google Health. I'm not sure what to do to > >> > fix this. > > >> > As reference I've read through these two pages: > >>http://code.google.com/apis/accounts/docs/OAuth.htmlhttp://code.googl..... > >> .. > > >> > Thanks for you help, > >> > Shawn > > > -- > > Hate is baggage. > > >http://www.robynkesslerphotography.com > > -- > Hate is baggage. > > http://www.robynkesslerphotography.com --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Health Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/googlehealthdevelopers?hl=en -~----------~----~----~----~------~----~------~--~---
