Hi Harry, Google is right. You include the oauth_ parameters in the query string and in the Authorization header. So every oauth parameter is present twice. You should send the oauth parameters either with query string or with the authorization header, not with both.
Hope this helps, I don't know the python library, though I guess you can choose where you add the oauth parameters. - Marc On 7 feb 2009, at 23:59, harry wrote: > > Hello, > > My webapp is trying to connect to google to import contacts data. When > I send the initial request to get the request-token, I get a 400 Bad > Request response from google and the reason is that signature is > invalid according to google. The base string that google sends in the > response is duplicating some parameters. For example, my request is: > > GET > https://www.google.com/accounts/OAuthGetRequestToken?oauth_nonce=97740954&oauth_timestamp=1234047249&oauth_consumer_key=ec2-67-202-42-146.compute-1.amazonaws.com&oauth_signature_method=HMAC-SHA1&oauth_version=1.0&oauth_signature=RfmKq7AvJOy%2F3yUlgjit4OHn548%3D&scope=http%3A%2F%2Fwww.google.com%2Fm8%2Ffeeds%2F > HTTP/1.1 > Host: www.google.com > Accept-Encoding: identity > Authorization: OAuth realm="", oauth_nonce="97740954", > oauth_timestamp="1234047249", > oauth_consumer_key="ec2-67-202-42-146.compute-1.amazonaws.com", > oauth_signature_method="HMAC-SHA1", oauth_version="1.0", > oauth_signature="RfmKq7AvJOy%2F3yUlgjit4OHn548%3D" > > Google's base string is: > > GET&https%3A%2F%2Fwww.google.com%2Faccounts%2FOAuthGetRequestToken& > oauth_consumer_key%3Dec2-67-202-42-146.compute-1.amazonaws.com%26 > oauth_consumer_key%3Dec2-67-202-42-146.compute-1.amazonaws.com%26 > oauth_nonce%3D50071042%26 > oauth_nonce%3D50071042%26 > oauth_signature_method%3DHMAC-SHA1%26 > oauth_signature_method%3DHMAC-SHA1%26 > oauth_timestamp%3D1234043856%26 > oauth_timestamp%3D1234043856%26 > oauth_version%3D1.0%26 > oauth_version%3D1.0%26 > scope%3Dhttp%253A%252F%252Fwww.google.com%252Fm8%252Ffeeds%252F > > As you can see some parameters like oauth_consumer_key, oauth_nonce > etc are being duplicated in the base string used by google. FYI, I'm > using the python oauth library to make the request. Any ideas as to > what I may have missed ? > > Thanks, > Harry > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
