Hi All, From the posts it appears that many programmers have a hard
time getting the X509 certificate to work with AuthSub for web
applications. The code below represents a single, stand alone C# aspx
page that allows you to test the X509 functionality of your site with
a single aspx page. There is no code behind required since all the
code is inline. Simply put this page in your directory and call it
from your browser. It assumes the .NET environment is available on
your server. This test page is intended to be used after you perform
part 1 and part 2 of domain registration, and then upload your X509 to
Google. The X509 is intended to be in the certificate store for
windows based servers (E.g. certificate store for 'computer account')
You will have to change the url to be your server url's in the code,
of course, and the name of your certificate. So, the basic page shows
retrieving the certificate from the certificate store, and then
exchanging the 1st Google token for a long life token using the
private key. If all goes well, you will see a printout in the web
page of the 2 tokens as strings. If the call to
exchangeForSessionToken fails, it will be caught by the exception
handlers.
Some Notes: I have found that the initial url to Google is senstive to
url encoding. The coding shown for the url is that which worked on 2
servers for me. Note that the "&secure=1" is url encoded which I had
to do for one of our servers to get the exchange to work. Tweaks may
be needed for your server. The complete code for the stand alone aspx
page is shown below.
Hope this helps fellow programmers
<%@ Import Namespace="System.Reflection"%>
<%@ Page Language="C#" %>
<%@ Import Namespace="System.Security.Cryptography.X509Certificates"
%>
<%@ Import Namespace="System.Security.Cryptography" %>
<%@ Import Namespace="System" %>
<%@ Import Namespace="Google.GData.Client" %>
<script runat="server">
//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
protected void Page_Load(object sender, EventArgs e) {
Response.Write(DateTime.Now.ToString());
string url = "https://www.google.com/h9/authsub?next="; +
HttpUtility.UrlEncode("https://
www.yourdomain.com/ophr/TestX509.aspx") +
"&scope=" +
HttpUtility.UrlEncode("https://www.google.com/h9/
feeds&secure=1") + "&session=1&permission=1";
if( !IsPostBack)
this.TextBox1.Text = url;
if( Request["token"] != null) {
string token = Request["token"];
Response.Write(" 1st Token = " + token + "<br />");
X509Certificate2 cert =
FindCertificate("www.yourcertificatename.com");
if( cert != null) {
try{
AsymmetricAlgorithm privateKey = cert.PrivateKey
as RSACryptoServiceProvider;
string token2 =
AuthSubUtil.exchangeForSessionToken( token, privateKey);
Response.Write("Long life token returned from
Google after providing private key = " + token2);
}
catch(System.Net.WebException ex){
Response.Write(ex.InnerException);
}
catch(Exception ex1){
Response.Write(ex1.InnerException);
}
}
}
}
//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
public void bn_Submit_Click(object sender, EventArgs a) {
Response.Redirect(this.TextBox1.Text);
}
//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
public X509Certificate2 FindCertificate(string certificateName){
X509Certificate2 retCertificate = new X509Certificate2();
try{
X509Store certStore = new
X509Store(StoreLocation.LocalMachine);
certStore.Open(OpenFlags.ReadOnly);
foreach (X509Certificate2 cert in certStore.Certificates)
if
(cert.Subject.ToLower().Contains(certificateName.ToLower())) {
retCertificate = cert;
certStore.Close();
break;
}
}
catch (Exception ex){
Response.Write(MethodBase.GetCurrentMethod() + " | " +
ex.Message);
}
return retCertificate;
}
//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
</script>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://
www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"; >
<head id="Head1" runat="server">
<title>Test X509 Certificate To Google Health</title>
<meta http_equiv="Pragma" content="no-cache"></meta>
</head>
<body>
<form id="form1" runat="server">
<div>
<table style="width: 1236px; height: 188px">
<tr>
<td style="width: 776px">
<asp:Label ID="Label1" runat="server" Text="Enter
full url to Google with next parameter specified" Width="366px" Font-
Names="Arial"></asp:Label></td>
</tr>
<tr>
<td style="width: 776px">
<asp:TextBox ID="TextBox1" runat="server"
Width="1206px"></asp:TextBox></td>
</tr>
<tr>
<td style="width: 776px">
<asp:Button ID="Button1" OnClick="bn_Submit_Click"
runat="server" Text="Submit" /></td>
</tr>
</table>
</div>
</form>
</body>
</html>
�
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Google Health Developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/googlehealthdevelopers?hl=en
-~----------~----~----~----~------~----~------~--~---
