Thanks for the response Marc, Yes you are right! The Google OAuth playground seemed to be sending the params in both URL and Authorization header which confused me. Anyways - with a small hack in the Python library, I've managed to get it to work by only sending params in Authorization header and not in the URL.
Thanks for you help ! regards, Harshit On Feb 7, 6:38 pm, Marc Worrell <[email protected]> wrote: > Hi Harry, > > Google is right. You include the oauth_ parameters in the query > string and in the Authorization header. So every oauth parameter is > present twice. You should send the oauth parameters either with query > string or with the authorization header, not with both. > > Hope this helps, I don't know the python library, though I guess you > can choose where you add the oauth parameters. > > - Marc > > On 7 feb 2009, at 23:59, harry wrote: > > > > > Hello, > > > My webapp is trying to connect to google to import contacts data. When > > I send the initial request to get the request-token, I get a 400 Bad > > Request response from google and the reason is that signature is > > invalid according to google. The base string that google sends in the > > response is duplicating some parameters. For example, my request is: > > > GET > >https://www.google.com/accounts/OAuthGetRequestToken?oauth_nonce=9774... > > HTTP/1.1 > > Host:www.google.com > > Accept-Encoding: identity > > Authorization: OAuth realm="", oauth_nonce="97740954", > > oauth_timestamp="1234047249", > > oauth_consumer_key="ec2-67-202-42-146.compute-1.amazonaws.com", > > oauth_signature_method="HMAC-SHA1", oauth_version="1.0", > > oauth_signature="RfmKq7AvJOy%2F3yUlgjit4OHn548%3D" > > > Google's base string is: > > > GET&https%3A%2F%2Fwww.google.com%2Faccounts%2FOAuthGetRequestToken& > > oauth_consumer_key%3Dec2-67-202-42-146.compute-1.amazonaws.com%26 > > oauth_consumer_key%3Dec2-67-202-42-146.compute-1.amazonaws.com%26 > > oauth_nonce%3D50071042%26 > > oauth_nonce%3D50071042%26 > > oauth_signature_method%3DHMAC-SHA1%26 > > oauth_signature_method%3DHMAC-SHA1%26 > > oauth_timestamp%3D1234043856%26 > > oauth_timestamp%3D1234043856%26 > > oauth_version%3D1.0%26 > > oauth_version%3D1.0%26 > > scope%3Dhttp%253A%252F%252Fwww.google.com%252Fm8%252Ffeeds%252F > > > As you can see some parameters like oauth_consumer_key, oauth_nonce > > etc are being duplicated in the base string used by google. FYI, I'm > > using the python oauth library to make the request. Any ideas as to > > what I may have missed ? > > > Thanks, > > Harry > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
