-others Hi Akash,
1. Are you trying to authenticate a request from orkut to your backend server, or trying to send an authenitcated request from your backend server to orkut? 2. Are you sure that you are using 2-legged-oauth? 3. The sample application in opensocial-java-client has a working demo of how a request is sent to orkut from a backend server. Please see if that helps. Cheers, Shishir On Tue, Nov 17, 2009 at 11:42 AM, Akash <[email protected]> wrote: > Folks, > Still I am not able to get answer to this question and I am really > frustrated here. I anyway have plan to move my application to facebook > but if this problem is not solved I will be left with no choice and > remove support for Orkut. Please note this is not threat but a > practical issue as any hacker can mess with my application data. > Please correct me if my understanding is wrong. > > Thanks, > -Akash > (PS: I am ccing everybody I know in orkut developer team, sorry for > this spam) > > On Nov 16, 1:56 pm, Akash <[email protected]> wrote: > > Hi Orkut Development team, > > It is almost one year now and I am not able to get the solution to > > this aurthentication problem. I am glad that you have provided sample > > codes of authentication for various server side languages. Since I am > > using .NET web service and there are no sample code for it I need the > > exact information of parameters used to generate the base signature. > > > > If somebody who is using some other server side language can share a > > sample of the parameters added to the request, generated base > > signature and signature that will be great help. I will use these > > parameters to verify my program. > > > > Thanks, > > -Akash > > > > On Nov 13, 2:50 pm,Akash<[email protected]> wrote: > > > > > > > > > Ping as the problem is not solved yet for me :( > > > > > On Nov 12, 3:20 pm,Akash<[email protected]> wrote: > > > > > > Hi Prashant, > > > > Thanks for looking into this issue. I have tried all libraries > > > > available hence the issue in unlikely in library. Can you please > > > > provide me following:- > > > > > > 1. List of parameters that are added to the post request by orkut > > > > proxy server to my post request (It is a soap request). A sample post > > > > request will all parameters. > > > > 2. What should be base signature URL for this sample request. > > > > > > I will feed above data into my code and it is works in my code. In > > > > case it does not work then the problem is in my code otherwise > > > > somewhere else. > > > > > > I just triedhttp://googlecodesamples.com/oauth_playground/will > > > > following parameters. > > > > > > URL:http://www.knownmarket.com/KMWeb/listingSvc.asmx > > > > outh_signature_method: RSA-SHA1 > > > > outh_consumer_key: orkut.com > > > > POST Data: > > > > > > <?xml version="1.0" encoding="utf-8"?><soap12:Envelope > > > > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > > > > xmlns:xsd="http://www.w3.org/2001/XMLSchema"; xmlns:soap12=" > http://www.w3.org/2003/05/soap-envelope";><soap12:Body><ListLocalities > > > > xmlns="KM"><cityId>14</cityId></ListLocalities></soap12:Body></ > > > > soap12:Envelope> > > > > > > I get the response as > > > > **** > > > > Couldn't resolve host '< > > > > **** > > > > > > So let me know what else I can do. The server is not owned by me. > > > > > > Thanks, > > > > -Akash > > > > > > On Nov 12, 2:10 pm, "Prashant (Google)" <[email protected]> wrote: > > > > > > > HiAkash, > > > > > > > This being a POST request, it would be difficult to debug at our > end > > > > > with only the currently available data. > > > > > > > But assuming that you're sending the right set of parameters that > the > > > > > server expects and that you're encoding them correctly in your > query > > > > > string, you may try generating the base string using some other > OAuth > > > > > library, or give the online OAuth Playground a try athttp:// > googlecodesamples.com/oauth_playground/. > > > > > > > Otherwise, if it's you who own the server as well, you may also > want > > > > > to verify as an added measure that the server endpoint is using the > > > > > correct certificate too and calculating the correct signature > > > > > accordingly. > > > > > > > Those are some checkpoints that immediately come to mind. Please go > > > > > through them and let us know if anything gives. > > > > > > > Thanks, > > > > > Prashant. > > > > > > > On Nov 12, 12:04 am,Akash<[email protected]> wrote: > > > > > > > > Folks please help me in this issue. > > > > > > > > Thanks, > > > > > > -Akash > > > > > > > > On Nov 6, 5:50 pm,Akash<[email protected]> wrote: > > > > > > > > > Hi Robson, > > > > > > > Thanks a lot for the reply. I am still not able to get it > working :- > > > > > > > (. Please note I am using ASP.NET web services. > > > > > > > > > Here is my exact code snippet that I am using for proof of > concept > > > > > > > for getting authentication working. > > > > > > > > > public string GenerateSignatureBase(Uri url, string > > > > > > > consumerKey, string consumerSecret, string token, string > tokenSecret, > > > > > > > string httpMethod, string timeStamp, string nonce, string > > > > > > > signatureType) > > > > > > > { > > > > > > > List<QueryParameter> parameters = new > List<QueryParameter> > > > > > > > (); > > > > > > > parameters.Add(new QueryParameter > > > > > > > ("oauth_body_hash","Ky4lfOVNobK9k5TFKBaax4p1QXk=")); > > > > > > > parameters.Add(new QueryParameter > > > > > > > ("oauth_consumer_key","orkut.com")); > > > > > > > parameters.Add(new QueryParameter("oauth_nonce", > > > > > > > "1257504988478336000")); > > > > > > > parameters.Add(new QueryParameter > > > > > > > ("oauth_signature_method","RSA-SHA1")); > > > > > > > parameters.Add(new > QueryParameter("oauth_timestamp", > > > > > > > "1257504988")); > > > > > > > parameters.Add(new > QueryParameter("oauth_version","1.0")); > > > > > > > parameters.Add(new QueryParameter > > > > > > > ("opensocial_app_id","07513949224686644859")); > > > > > > > parameters.Add(new QueryParameter > > > > > > > ("opensocial_app_url","http://www.knownmarket.com/KMWeb/ > > > > > > > KnownMarket.xml")); > > > > > > > parameters.Add(new QueryParameter > > > > > > > ("opensocial_container","http://www.orkut.com";)); > > > > > > > parameters.Add(new QueryParameter > > > > > > > ("opensocial_owner_id","04260157720044639260")); > > > > > > > parameters.Add(new QueryParameter > > > > > > > ("opensocial_viewer_id","04260157720044639260")); > > > > > > > parameters.Add(new > QueryParameter("xoauth_public_key","pub. > > > > > > > 1199819524.-1556113204990931254.cer")); > > > > > > > parameters.Add(new QueryParameter > > > > > > > ("xoauth_signature_publickey","pub. > > > > > > > 1199819524.-1556113204990931254.cer")); > > > > > > > parameters.Add(new QueryParameter("oauth_token", > "")); > > > > > > > > > parameters.Sort(new QueryParameterComparer()); > > > > > > > > > string normalizedRequestParameters = > > > > > > > NormalizeRequestParameters(parameters); > > > > > > > > > StringBuilder signatureBase = new StringBuilder(); > > > > > > > signatureBase.AppendFormat("{0}&", "POST"); > > > > > > > signatureBase.AppendFormat("{0}&", UrlEncode(" > http://www.knownmarket.com/KMWeb/listingSvc.asmx";)); > > > > > > > signatureBase.AppendFormat("{0}", UrlEncode > > > > > > > (normalizedRequestParameters)); > > > > > > > return signatureBase.ToString(); > > > > > > > } > > > > > > > > > X509Certificate Cert = > X509Certificate.CreateFromCertFile > > > > > > > ( Request.PhysicalApplicationPath + "/bin/pub. > > > > > > > 1199819524.-1556113204990931254.cer"); > > > > > > > RSACryptoServiceProvider Provider = > > > > > > > CertUtil.GetCertPublicKey(Cert); > > > > > > > OAuth.OAuthBase ba = new OAuthBase(); > > > > > > > string baseString = > ba.GenerateSignatureBase(Request.Url, > > > > > > > Request.QueryString["oauth_consumer_key"], "", > Request.QueryString > > > > > > > ["oauth_token"], "", Request.HttpMethod, Request.QueryString > > > > > > > ["oauth_timestamp"], Request.QueryString["oauth_nonce"], > "RSA-SHA1"); > > > > > > > > > string signature = > "gTlTW2N5WysQNzfvc2/tT4+ZkIviFEaj2xoB/ > > > > > > > wInZR8+rtwrbNNuKl+jDLx5QQ71Z6LIacBogaXRw3eA0U/PWiF6G1Hwhd/ > > > > > > > > 4+GHlBBXsaKLsC1Ar6/e0D5pvAzN97a8KWfBHMg5kwsF3+OrxVd6Hph+OLRWEUSs/ > > > > > > > wyG3HK2GpOE="; > > > > > > > byte[] sign = Convert.FromBase64String(signature); > > > > > > > > > byte[] bstring = > Encoding.UTF8.GetBytes(baseString); > > > > > > > Response.Write(Provider.VerifyData(bstring, "SHA1", > > > > > > > sign)); > > > > > > > > > Thanks, > > > > > > > -Akash > > > > > > > > > On Nov 2, 1:29 am, Robson Dantas <[email protected]> wrote: > > > > > > > > > > Sorry, sent you the java version. Here is the link for .NET > > > > > > > > > >http://code.google.com/p/opensocial-net-client/ > > > > > > > > > > Cheers > > > > > > > > > > Robson Dantas > > > > > > > > > > 2009/11/1 Robson Dantas <[email protected]> > > > > > > > > > > >Akash, > > > > > > > > > > > I dont know what kind of oauth lib you´re using, but i got > some problems > > > > > > > > > too, using the library which was described on > wiki.opensocial.org . > > > > > > > > > > > After spending some time debugging, figured out that it was > a problem on > > > > > > > > > the lib. Just tried another one, and worked. I´ve also > updated the wiki, so, > > > > > > > > > try to use this lib: > > > > > > > > > > >http://code.google.com/p/opensocial-java-client/ > > > > > > > > > > > Let me know if it helps you. > > > > > > > > > > > Robson Dantas > > > > > > > > > > > 2009/10/28Akash<[email protected]> > > > > > > > > > > >> Not sure what was Ranjit's problem. My application is > still having > > > > > > > > >> issues. > > > > > > > > > > >> On Oct 26, 9:38 pm, Ranjeet Gill <[email protected]> > wrote: > > > > > > > > >> > Thanks its working now. > > > > > > > > >> > Ranjit > > > > > > > > > > >> > On Mon, Oct 26, 2009 at 4:11 AM,Akash< > [email protected]> > > > > > > > > >> wrote: > > > > > > > > > > >> > > Yes checked and found certificate is not the issue. > > > > > > > > > > >> > > Any idea on after looking at the code whether it is > fine? > > > > > > > > > > >> > > Thanks > > > > > > > > > > >> > > On Oct 13, 7:44 pm, "[email protected]" < > [email protected]> wrote: > > > > > > > > >> > > > check your cetificate file. Be sure not to open or > save certificates > > > > > > > > >> > > > in wordpad etc use notepad > > > > > > > > > > >> > > > On Oct 10, 7:45 pm,Akash<[email protected]> > wrote: > > > > > > > > > > >> > > > > Hi, > > > > > > > > >> > > > > I am running into some issues regarding > Authentication of my > > > > > > > > >> signed > > > > > > > > >> > > > > request. Validation of signed request always > fails. > > > > > > > > > > >> > > > > For simplicity of debugging, Here are the list of > parameters that > > > > > > > > >> I am > > > > > > > > >> > > > > using to generate base string > > > > > > > > > > >> > > > > > > > > ... > > > > read more »- Hide quoted text - > > > > - Show quoted text - > > -- > > You received this message because you are subscribed to the Google Groups > "Orkut Developer Forum" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]<opensocial-orkut%[email protected]> > . > For more options, visit this group at > http://groups.google.com/group/opensocial-orkut?hl=. > > > -- Stephen Leacock<http://www.brainyquote.com/quotes/authors/s/stephen_leacock.html> - "I detest life-insurance agents: they always argue that I shall some day die, which is not so." -- You received this message because you are subscribed to the Google Groups "Orkut Developer Forum" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/opensocial-orkut?hl=.
