Hi Eric, here is where I am on this: I caused by laptop to be accessible from the internet using a numeric IP address. I then put the verification html file generated by Google in the wwwroot directory as per Google instructions (to show that I have admin rights on my laptop). The verification was successful showing that Google could reach my laptop over the internet. I then registered that IP address using the Google manage domains page successfully as well. I also uploaded an X509 certificate successfully and got back my OAuth consumer key and secret successfully. So, all appears to be OK for a numeric IP address (in lieu of an actual domain name) . Now, I then caused my application to use secure = 1 rather than secure = 0, and changed the url in the browser from localhost to my IP address to test my application securly. This is when my issue starts. When I get to the Google login page and put in my credentials, I do not get redirected to the 2nd Google authorization page with the radio buttons for choosing a profile. Instead, I get a Google generated error page. I have tested providing the initial url by using 2 methods. Method 1 is without using AuthSubUtil, and method 2 is using AuthSubUtil to construct the initial URL to the Google login page. Here are the urls, and the error message I get using each of them. The error messages are different:
Method 1 - NOT using AuthSubUtil, the initial url is: https://www.google.com/h9/authsub?next=http://111.222.333.44/ppp/Ephr/ImportExport/GoogleHealth/GooglePostAuthorization.aspx &scope=https://www.google.com/h9/ feeds&secure=1&session=1&permission=1&conf=1 Method 1 error = Invalid Usage Sharing denied: unregistered provider: 111.222.333.44 (NOTE: 111.222.333.44 is the substitute for my computers internet accessible IP address (don't want everyone to know it), but my internet accessible IP address appears here). Method 2 - using AuthSubUtils, the initial url is: https://www.google.com/accounts/AuthSubRequest?next=http%3A%2F%2F111.222.333.44%2Fppp%2FEphr%2FImportExport%2FGoogleHealth%2FGooglePostAuthorization.aspx &scope=https%3A%2F%2Fwww.google.com%2Fh9%2Ffeeds&secure=1&session=1 Method 2 error = scope parameter is bad or missing Note that my code never even got to the point where I exchange a single use token for a session token using the private key. Google never redirects back to me using the next parameter and throws the error immediately upon clicking the login button. So, the problem is with the intial urls above, or my registration which appears to successful is not really successful after all. Now, If I simply set the scope parameter to 0, and use localhost in lieu of my IP address, everthing works just perfectly as it always has. I also tried using the manage domains page "Test your AuthSub registration here". The url I put in was: http://111.222.333.44/ppp/Ephr/ImportExport/GoogleHealth/GooglePostAuthorization.aspx but Google redrected back to me without the ppp parameter as follows: http://111.222.333.44/Ephr/ImportExport/GoogleHealth/GooglePostAuthorization.aspx Of course, my browser reported that the page could not be found. What I think is happening here is that the "Test your AuthSub registration" was successful since Google emulated redirecting to my "next" page, even though the url was missing the ppp part. If you need my actual IP address, I can sent it to you directly rather than post it on this forum. On Oct 22, 8:05 pm, "Eric (Google)" <[EMAIL PROTECTED]> wrote: > Hi th55, > > First, you should decide between secure AuthSub and OAuth :) Either > is fine. > > Regarding your domains, private keys, and public certificates: > You can use the same private_key/cert pair from any domain, > even it is not exposed to the outside world. Just make sure you're > signing > API requests using the correct private key that corresponds > to the public cert for that particular "domain" in /accounts/ > ManageDomains tool. > > For development, I recommend setting up a virtual host on your server. > You could also request PC0848 and usehttp://PC0848as your next url. > The host is firewalled/unresolveable, but I can manually verify it for > you. > > Note: you'll still have to request the domain for Health using the > form. > I believe IP addresses will also work. Let me know what you decide. > > Eric > > On Oct 22, 1:30 pm, th55 <[EMAIL PROTECTED]> wrote: > > > > > I have generated an X509 certificate and completed the domain > > registration for our QA environment, and have recieved the OAuth key > > and secret successfully. This is specific to our QA environment which > > no development takes place on, of course. However, I still have work > > to do in our application to change over from using AuthSub with > > "localhost" to putting the code in place to use a certificate, both > > for OAuth and secure AuthSub (I never finished coding the secure > > part). What I am not clear on is how can I develop this code on my > > laptop, which does not have a domain name assisgned and resolvable by > > any DNS server. All I have is the name of my PC (e.g. PC0848) and > > "localhost" as options for the start url's in Visual Studio. Also, I > > would guess that I need an X509 certificate pertaining specifically to > > my laptop and would have to go thru the registraion process, but I > > can't do that since there is no domain name to put in the registration > > form. Also, my laptop is behind a proxy and our corporate firewall > > and is not normally reachable from the internet for the Google manage > > domain page to probe. I can cause my laptop to be publically > > accessible from the internet, but it can only be reached by an actual, > > numeric IP address. So, the question is, how can I finish my > > development to make sure OAuth and secure AuthSub work from my > > development laptop with no domain name, and not publically reachable > > by the Google manage domains page?- Hide quoted text - > > - Show quoted text - --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Health Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/googlehealthdevelopers?hl=en -~----------~----~----~----~------~----~------~--~---
