You need to set your privateKey when setting the session token:

service.setAuthSubToken(sessionToken, privateKey);

See the example here:
http://code.google.com/apis/gdata/authsub.html#request-session-token

Eric

On Dec 12, 10:52 am, eaudet <[email protected]> wrote:
> 1- Getting a token (this works all the time):
>
>        // this is the code called when Google Health is calling my app
> with a token et the request.
>
>         private void processAcceptAuthSubToken(HttpServletRequest request,
>                         HttpServletResponse response) throws IOException {
>                 /*
>                  * Request is caused by a user being redirected back from 
> AuthSub
> login
>                  */
>                 if (request.getParameter("token") != null) {
>                         HealthSample sp = new HealthSample();
>                         try {
>                                 // upgrade the single use token to a
> session token
>                                 String token = sp.exchangeAuthSubToken(request
>                                                 .getParameter("token"));
>
>                                 request.getSession().setAttribute
> (MobiConstants.HEALTH_TOKEN, token);
>
> //                              sp.persistToken(token);
>
>                                 response.sendRedirect("Main.html");
>                         } catch (HealthSampleException e) {
>                                 System.err.println("Authentication exception: 
> "
>                                                 + e.getMessage());
>                         }
>                 }
>         }
>
> 2- upgrading a token (this works all the time):
>
>         public String exchangeAuthSubToken(String singleUseToken)
>                         throws HealthSampleException {
>
>                 try {
>
>                         PrivateKey privateKey =
> AuthSubUtil.getPrivateKeyFromKeystore(
>                                         "/AuthSubExample.jks",
> "password", "AuthSubExample",
>                                         "password");
>                         authSubToken =
> AuthSubUtil.exchangeForSessionToken(URLDecoder.decode
> (singleUseToken, "UTF-8"), privateKey);
>
>                 } catch (Exception e) {
>                         throw new HealthSampleException(
>                                         "Problem while exchanging
> AuthSub token.", e);
>                 }
>
>                 return authSubToken;
>
>         }
>
> 3. querying data (this fails on some users)
>
>         public String getProfile() throws HealthSampleException {
>                 if (this.authSubToken == null) {
>                         throw new HealthSampleException(
>                                         "Need to supply a token before
> retrieving profile.");
>                 }
>                 GoogleService service = new GoogleService("weaver",
> "HealthSample");
>                 service.setAuthSubToken(this.authSubToken);
>                 Query query = null;
>                 try {
>                         query = new Query(
>                                         new URL(
>                                                         
> "https://www.google.com/h9/feeds/profile/default?
> digest=true"));
>                 } catch (MalformedURLException e) {
>                         throw new HealthSampleException("Bad profile
> URL!", e);
>                 }
>
>                 try {
>                         Feed result = service.query(query,
> Feed.class);
>                         // there should be only one entry that
> contains
>                         // the CCRg document for the profile.
>                         for (Entry entry : result.getEntries()) {
>                                 return prettifyXmlBlob(entry.getXmlBlob
> ());
>                         }
>                 } catch (Exception e) {
>                         throw new HealthSampleException("Error
> retrieving profile", e);
>                 }
>
>                 // If we don't find any profile data, return nothing.
>                 // This probably means the sample app wasn't granted
> full access.
>                 return "";
>         }
>
> On Dec 11, 4:30 pm, "Eric (Google)" <[email protected]> wrote:
>
> > On Dec 10, 8:55 am, eaudet <[email protected]> wrote:
>
> > > Update,
>
> > > It works for at least one user but for some reasons for other users it
> > > fails.
>
> > > This makes me think it is possibly a bug on the google health (H9)
> > > side. Can you insvestigate the profiles service offered on the H9
> > > server?
>
> > Please post code snippets for getting atoken,upgradingatoken, a
> > and querying data.
>
> > Eric
>
> > > - Erick
>
> > > On Dec 9, 11:26 pm, eaudet <[email protected]> wrote:
>
> > > > Hi Eric
>
> > > > I am still stuck with this problem. It's been a week now. I am running
> > > > all tests using secure=0 but when switching to secure=1, I am uable to
> > > > get a one timetoken, convert it to a sessiontokenusing my perm file
> > > > (priorly uploaded to H9) but for some reasons I can't get the profile.
> > > > I have the exact same error (Unknown authorization header).
>
> > > > I have flushed all my database users to make sure any old tokens were
> > > > hanging around and throwing an exception that would make my apps
> > > > crashed but it still give the same error.
>
> > > > I have filled out all the needed criteria to post my solution for
> > > > final acceptance and the only thing not working is the secure=1 thing.
> > > > It used to work before December 2nd. ;-(
>
> > > > Can you help me solve this issue? I am using Java and GWT.
>
> > > > Thanks,
>
> > > > Erick
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"Google Health Developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to 
[email protected]
For more options, visit this group at 
http://groups.google.com/group/googlehealthdevelopers?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to