The signature base string should begin: POST&http%3A%2F%2Fwww.google.com%2Fcalendar%2Ffeeds%2Fdefault%2Fprivate %2Ffull&gsessionid
Technically it's incorrect for the authorization header to contain a gessionid parameter; the standard place to put it would be in the URL query string. But Google tolerates this, I imagine. Here's a little tool for checking signature computation: http://oauth.googlecode.com/svn/code/javascript/example/signature.html On Aug 18, 7:31 pm, Randy <rglissm...@gmail.com> wrote: > I've been successful with GET and now trying to use POST. I've used > the following base string for the signature: POST&%3A%2F%2F&gsessionid > %3DxpjA3uUinQTbCxbUtD3Thw%26oauth_consumer_key%3Dwww.heartwoodtech.com > %26oauth_nonce > %3Dcac46ac76242d8974f2a1eb883a6cb47%26oauth_signature_method%3DHMAC- > SHA1%26oauth_timestamp%3D1250648662%26oauth_token > %3D1%252FHRwOZSEYw5mwU0q89a7J7mATiaQZnWPB51nTvo8n9Sw%26oauth_version > %3D1.0 > > Any ideas on what I'm doing wrong? > > POST /calendar/feeds/default/private/full HTTP/1.1 > Host:www.google.com > Accept: */* > GData-Version: 2.0 > Content-Type: application/atom+xml > Authorization: OAuth gsessionid="xpjA3uUinQTbCxbUtD3Thw", > oauth_consumer_key="www.heartwoodtech.com", > oauth_nonce="cac46ac76242d8974f2a1eb883a6cb47", > oauth_signature="opYs15Odhkde9PX5kuSV2ABvidk=", > oauth_signature_method="HMAC-SHA1", oauth_timestamp="1250648662", > oauth_token="1/HRwOZSEYw5mwU0q89a7J7mATiaQZnWPB51nTvo8n9Sw", > oauth_version="1.0" --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to oauth@googlegroups.com To unsubscribe from this group, send email to oauth+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---