Thanks, Paul. We used the same certificate and thing worked. Also now we are sending parameter as “Authorization" header and getting data.
Thanks once again. CTIS Team On Oct 25, 3:32 pm, "Paul (Google)" <[email protected]> wrote: > Great news about getting the token! Was the issue the certificates > being out of sync or the pk not being loaded? Both are common issues, > which I'm looking to handle better in our APIs/services. > > The OAuth parameters should be sent as values of a "Authorization" > header for data access requests, and not a GET parameters. The > following page has information of how to sign your requests. > > http://code.google.com/apis/accounts/docs/OAuth_ref.html#SigningOAuth > > Paul > > On Oct 24, 12:36 pm, CTISTeam <[email protected]> wrote: > > > > > Hi, Paul, > > > Now things seem to be OK with OAuth Authentication process and we are > > getting token back. > > > But new problem… Now when we request for profile data using following > > feed urls… > > >https://www.google.com/h9/feeds/register/default > > > or > > >https://www.google.com/h9/feeds/profile/default > > > we are getting following message. > > > The remote server returned an error: (500) Internal Server Error. > > > I checked the complete request... > > >https://www.google.com/h9/feeds/profile/default?oauth_token=1%2FFJNf0... > > &oauth_nonce=bpnEHM4D&oauth_signature_method=RSA- > > SHA1&oauth_signature=DNOkoT25KKKs9OzYi4FP1iPB%2FnWBI%2FNo4zQA > > %2FwhPgZ7S1K1fRm3cS9btGWXesIawG0lAxqVNzt > > %2FSzfBhivkBWj07MjWKQBabzCrYOpLT4ifJdHYMDaxlEanFtO4bFjfcCicSdookrFdZ0vPWFZ3 > > 6aNL3g4ukhWeJPeOWWzQ2TcY > > %3D&oauth_version=1.0&oauth_timestamp=1287948592 > > > Now not sure what is going wrong !! > > > Thanks, > > > On Oct 22, 6:03 pm, "Paul (Google)" <[email protected]> wrote: > > > > You will get the "signature invalid" error if your local certificate > > > and the certificate uploaded to Google are out of sync. There > > > unfortunately isn't a way to check the certificate currently loaded > > > for a domain. The best option for fixing this is to re-generate the > > > certificate and PEM file, and re-install them into your app and the > > > Manage Domains Tool. Uploading a new certificate in the Manage > > > Domains Tool replaces the exiting certificate. > > > > I don't believe that Google validates the domain name for OAuth > > > requests, so you should be able to port your certificate to a > > > different server with a different domain name without any issues. > > > > I'm not positive if this affects OAuth, but the GData client libraries > > > silently fail in certain circumstances if the certificate can't be > > > loaded, which causes the request to be improperly signed. One way to > > > check if the certificate is being loaded properly is to output the > > > private key before you pass it to the OAuth signer. > > > > Paul > > > > On Oct 20, 4:12 pm, CTISTeam <[email protected]> wrote: > > > > > Hi, Paul, > > > > > As suggested by you, we copied and pasted URL generated in browser, we > > > > are getting following message "signature_invalid" as response. > > > > > So does that mean some problem with signature or certificate ? > > > > > Few questions... > > > > > 1. Is there any way to check / get the certificate uploaded to Google > > > > at time of domain registration? > > > > 2. If we change the server keeping same domain, impact certificate? > > > > > Thanks, > > > > CTISTeam > > > > > On Oct 18, 6:05 pm, "Paul (Google)" <[email protected]> wrote: > > > > > > You should be able to look at the response body to see more > > > > > information > > > > > about the error, which would look like "the token is invalid" > > > > > or "invalid signature". If you past the URL into a browser soon after > > > > > you generate it in your code, the browser should display the root > > > > > cause. If you wait too long, you'll get an error about the time-stamp. > > > > > > The scope parameter isn't part of the OAuthGetAccessToken request, and > > > > > would probably be good to omit for debugging. > > > > > > Paul- Hide quoted text - > > > > - Show quoted text -- Hide quoted text - > > - Show quoted text - -- You received this message because you are subscribed to the Google Groups "Google Health Developers" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/googlehealthdevelopers?hl=en.
