On Oct 23, 11:35 am, th55 <[EMAIL PROTECTED]> wrote:
> Hi Eric, here is where I am on this: I caused by laptop to be
> accessible from the internet using a numeric IP address. I then put
> the verification html file generated by Google in the wwwroot
> directory as per Google instructions (to show that I have admin rights
> on my laptop). The verification was successful showing that Google
> could reach my laptop over the internet. I then registered that IP
> address using the Google manage domains page successfully as well. I
> also uploaded an X509 certificate successfully and got back my OAuth
> consumer key and secret successfully. So, all appears to be OK for a
> numeric IP address (in lieu of an actual domain name) . Now, I then
> caused my application to use secure = 1 rather than secure = 0, and
> changed the url in the browser from localhost to my IP address to test
> my application securly. This is when my issue starts. When I get to
> the Google login page and put in my credentials, I do not get
> redirected to the 2nd Google authorization page with the radio buttons
> for choosing a profile. Instead, I get a Google generated error
> page. I have tested providing the initial url by using 2 methods.
> Method 1 is without using AuthSubUtil, and method 2 is using
> AuthSubUtil to construct the initial URL to the Google login page.
> Here are the urls, and the error message I get using each of them.
> The error messages are different:
>
> Method 1 - NOT using AuthSubUtil, the initial url is:
>
> https://www.google.com/h9/authsub?next=http://111.222.333.44/ppp/Ephr...
> &scope=https://www.google.com/h9/
> feeds&secure=1&session=1&permission=1&conf=1
Method 1 is correct. /accounts/AuthSubRequest won't work
because Health has it's our AuthSub token handler (/h9/authsub for
the
sandbox and /health/authsub for production Google Health).
The 'Invalid Usage - unregistered provider' comes from the fact
that you ALSO need to register the domain with Google Health in
addition to the ManageDomains registration.
See the Getting Started Guide:
http://code.google.com/apis/health/getting_started.html#RegisterGoogleHealth
So in your case, the domain is an IP address. You can use the form
at http://services.google.com/events/googhealthdevelopers to request
that it's registered for /h9.
>
> Method 1 error = Invalid Usage
> Sharing denied: unregistered provider: 111.222.333.44
> (NOTE: 111.222.333.44 is the substitute for my computers internet
> accessible IP address (don't want everyone to know it), but my
> internet accessible IP address appears here).
>
> Method 2 - using AuthSubUtils, the initial url is:
>
> https://www.google.com/accounts/AuthSubRequest?next=http%3A%2F%2F111....
> &scope=https%3A%2F%2Fwww.google.com%2Fh9%2Ffeeds&secure=1&session=1
>
> Method 2 error = scope parameter is bad or missing
>
> Note that my code never even got to the point where I exchange a
> single use token for a session token using the private key. Google
> never redirects back to me using the next parameter and throws the
> error immediately upon clicking the login button. So, the problem is
> with the intial urls above, or my registration which appears to
> successful is not really successful after all. Now, If I simply set
> the scope parameter to 0, and use localhost in lieu of my IP address,
> everthing works just perfectly as it always has.
>
> I also tried using the manage domains page "Test your AuthSub
> registration here". The url I put in was:
>
> http://111.222.333.44/ppp/Ephr/ImportExport/GoogleHealth/GooglePostAu...
>
> but Google redrected back to me without the ppp parameter as follows:
>
> http://111.222.333.44/Ephr/ImportExport/GoogleHealth/GooglePostAuthor...
>
> Of course, my browser reported that the page could not be found.
> What I think is happening here is that the "Test your AuthSub
> registration" was successful since Google emulated redirecting to my
> "next" page, even though the url was missing the ppp part.
>
> If you need my actual IP address, I can sent it to you directly rather
> than post it on this forum.
>
> On Oct 22, 8:05 pm, "Eric (Google)" <[EMAIL PROTECTED]> wrote:
>
> > Hi th55,
>
> > First, you should decide between secure AuthSub and OAuth :) Either
> > is fine.
>
> > Regarding your domains, private keys, and public certificates:
> > You can use the same private_key/cert pair from any domain,
> > even it is not exposed to the outside world. Just make sure you're
> > signing
> > API requests using the correct private key that corresponds
> > to the public cert for that particular "domain" in /accounts/
> > ManageDomains tool.
>
> > For development, I recommend setting up a virtual host on your server.
> > You could also request PC0848 and usehttp://PC0848asyour next url.
> > The host is firewalled/unresolveable, but I can manually verify it for
> > you.
>
> > Note: you'll still have to request the domain for Health using the
> > form.
> > I believe IP addresses will also work. Let me know what you decide.
>
> > Eric
>
> > On Oct 22, 1:30 pm, th55 <[EMAIL PROTECTED]> wrote:
>
> > > I have generated an X509 certificate and completed the domain
> > > registration for our QA environment, and have recieved the OAuth key
> > > and secret successfully. This is specific to our QA environment which
> > > no development takes place on, of course. However, I still have work
> > > to do in our application to change over from using AuthSub with
> > > "localhost" to putting the code in place to use a certificate, both
> > > for OAuth and secure AuthSub (I never finished coding the secure
> > > part). What I am not clear on is how can I develop this code on my
> > > laptop, which does not have a domain name assisgned and resolvable by
> > > any DNS server. All I have is the name of my PC (e.g. PC0848) and
> > > "localhost" as options for the start url's in Visual Studio. Also, I
> > > would guess that I need an X509 certificate pertaining specifically to
> > > my laptop and would have to go thru the registraion process, but I
> > > can't do that since there is no domain name to put in the registration
> > > form. Also, my laptop is behind a proxy and our corporate firewall
> > > and is not normally reachable from the internet for the Google manage
> > > domain page to probe. I can cause my laptop to be publically
> > > accessible from the internet, but it can only be reached by an actual,
> > > numeric IP address. So, the question is, how can I finish my
> > > development to make sure OAuth and secure AuthSub work from my
> > > development laptop with no domain name, and not publically reachable
> > > by the Google manage domains page?- Hide quoted text -
>
> > - Show quoted text -
>
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Google Health Developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/googlehealthdevelopers?hl=en
-~----------~----~----~----~------~----~------~--~---
