GData OAuth and Ruby OAuth provider
33 views
Skip to first unread message
Alistair
May 1, 2010, 5:22:25 PM5/1/10
to Google Data APIs Objective-C Client Library Discussion
Hi,
I've got a Ruby on Rails application that offers API access via OAuth
using http://github.com/pelle/oauth-plugin with a test PHP script
working perfectly to login and consume services. In order to see if I
could create an iPhone client for it I downloaded OAuthSampleTouch and
modified the signInToTwitter method filling in myConsumerKey,
myConsumerSecret and relevant URL variables too.
The flow seems correct with it going from sign in, clicking
authorisation and then being returned to the main screen. mTokenField
is set from [mAuth token] and my API method called. However quitting
the application and going back in shows a "HTTP Basic: Access denied."
response to trying to execute a API call. No matter what I do it will
not re-authenticate using the token despite [mAuth canAuthorize]
returning true.
A test PHP script using Zend_OAuth works perfectly so am quite
confident that the web application itself is fine. Any ideas on how to
go about debugging this?
Any and all suggestions welcome!
Thanks,
Alistair
--
You received this message because you are subscribed to the Google Groups "Google Data APIs Objective-C Client Library Discussion" group.
To post to this group, send email to gdata-objec...@googlegroups.com.
To unsubscribe from this group, send email to gdata-objectivec-...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/gdata-objectivec-client?hl=en.
I've got a Ruby on Rails application that offers API access via OAuth
using http://github.com/pelle/oauth-plugin with a test PHP script
working perfectly to login and consume services. In order to see if I
could create an iPhone client for it I downloaded OAuthSampleTouch and
modified the signInToTwitter method filling in myConsumerKey,
myConsumerSecret and relevant URL variables too.
The flow seems correct with it going from sign in, clicking
authorisation and then being returned to the main screen. mTokenField
is set from [mAuth token] and my API method called. However quitting
the application and going back in shows a "HTTP Basic: Access denied."
response to trying to execute a API call. No matter what I do it will
not re-authenticate using the token despite [mAuth canAuthorize]
returning true.
A test PHP script using Zend_OAuth works perfectly so am quite
confident that the web application itself is fine. Any ideas on how to
go about debugging this?
Any and all suggestions welcome!
Thanks,
Alistair
--
You received this message because you are subscribed to the Google Groups "Google Data APIs Objective-C Client Library Discussion" group.
To post to this group, send email to gdata-objec...@googlegroups.com.
To unsubscribe from this group, send email to gdata-objectivec-...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/gdata-objectivec-client?hl=en.
Greg Robbins
May 1, 2010, 7:31:45 PM5/1/10
to gdata-objec...@googlegroups.com
Are you saying:
Signing in via OAuth, then using the token (in the OAuthAuthentication object) for authenticated API request to the server works.
But saving the token to the keychain, restarting the app, reading the token in from the keychain, then using it to make another API call does not work?
Alistair
May 2, 2010, 3:09:52 AM5/2/10
to Google Data APIs Objective-C Client Library Discussion
Hi Greg,
Yes that seems correct although I'm having a strange notion that the
first authenticated API request is only working because of a cookie
that was set after logging in to approve the OAuth request. The
request I say that is that the headers (allHTTPHeaderFields) between
the first call and then re-opening the app looked to be about the same
in the Authorization field.
Thanks,
Alistair
Yes that seems correct although I'm having a strange notion that the
first authenticated API request is only working because of a cookie
that was set after logging in to approve the OAuth request. The
request I say that is that the headers (allHTTPHeaderFields) between
the first call and then re-opening the app looked to be about the same
in the Authorization field.
Thanks,
Alistair
Alistair
May 2, 2010, 5:34:13 AM5/2/10
to Google Data APIs Objective-C Client Library Discussion
Hi,
I've double checked and it is the case that first use of the token
works for a API request. Ignore the bit about the cookies as I set the
API method to be oauth only and it worked. It's when it tries to re-
use it after restarting the application that it continually fails.
If it helps I could put the test server online for you to try and
consume?
I've double checked and it is the case that first use of the token
works for a API request. Ignore the bit about the cookies as I set the
API method to be oauth only and it worked. It's when it tries to re-
use it after restarting the application that it continually fails.
If it helps I could put the test server online for you to try and
consume?
Alistair
May 2, 2010, 5:46:16 AM5/2/10
to Google Data APIs Objective-C Client Library Discussion
If anyone would like to give it a go the details are:
http://phiali.dyndns.org/oauth_clients/2
Username: phiali
Password: password
OAuth method: http://phiali.dyndns.org/watchlists.json
Consumer Key: 9TERQfrDYJobJ6ZoAI0g
Consumer Secret: VWqhXuExBZDTWA7fjJ2zNvX0O8zZ9ieKDkByynAw
Request Token URL http://phiali.dyndns.org/oauth/request_token
Access Token URL http://phiali.dyndns.org/oauth/access_token
Authorize URL http://phiali.dyndns.org/oauth/authorize
Expected output:
[{"watchlist":
{"query_description":"chef","created_at":"2010-04-05T12:41:51+01:00","updated_at":"2010-04-05T12:41:51+01:00","query_mode":"0","query_title":"chef","id":
25,"user_id":1,"channelgrouping_id":0,"query":null}}]
http://phiali.dyndns.org/oauth_clients/2
Username: phiali
Password: password
OAuth method: http://phiali.dyndns.org/watchlists.json
Consumer Key: 9TERQfrDYJobJ6ZoAI0g
Consumer Secret: VWqhXuExBZDTWA7fjJ2zNvX0O8zZ9ieKDkByynAw
Request Token URL http://phiali.dyndns.org/oauth/request_token
Access Token URL http://phiali.dyndns.org/oauth/access_token
Authorize URL http://phiali.dyndns.org/oauth/authorize
Expected output:
[{"watchlist":
{"query_description":"chef","created_at":"2010-04-05T12:41:51+01:00","updated_at":"2010-04-05T12:41:51+01:00","query_mode":"0","query_title":"chef","id":
25,"user_id":1,"channelgrouping_id":0,"query":null}}]
Greg Robbins
May 2, 2010, 11:51:50 PM5/2/10
to gdata-objec...@googlegroups.com
I was able to use the controller and sample app to fetch an authenticated feed with your API, restart the app, and fetch the feed again.
The sample apps just show how to construct an auth object from the keychain for authenticating to Google services. I need to clarify the samples to also show how to construct an auth object for other services. You'll need a routine that just makes the auth object for your service:
- (GDataOAuthAuthentication *)authForPhiali {
NSString *myConsumerKey = @"9TERQfrDYJobJ6ZoAI0g";
NSString *myConsumerSecret = @"VWqhXuExBZDTWA7fjJ2zNvX0O8zZ9ieKDkByynAw";
GDataOAuthAuthentication *auth;
auth = [[[GDataOAuthAuthentication alloc] initWithSignatureMethod:kGDataOAuthSignatureMethodHMAC_SHA1
consumerKey:myConsumerKey
privateKey:myConsumerSecret] autorelease];
return auth;
}
then, at startup (awakeFromNib or similar), use that and the keychain data to be ready to authorize fetches:
GDataOAuthAuthentication *auth = [self authForPhiali];
[GDataOAuthWindowController authorizeFromKeychainForName:kMyAppServiceName
authentication:auth];
...
NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:url];
[auth authorizeRequest:request];
The sample apps just show how to construct an auth object from the keychain for authenticating to Google services. I need to clarify the samples to also show how to construct an auth object for other services. You'll need a routine that just makes the auth object for your service:
- (GDataOAuthAuthentication *)authForPhiali {
NSString *myConsumerKey = @"9TERQfrDYJobJ6ZoAI0g";
NSString *myConsumerSecret = @"VWqhXuExBZDTWA7fjJ2zNvX0O8zZ9ieKDkByynAw";
GDataOAuthAuthentication *auth;
auth = [[[GDataOAuthAuthentication alloc] initWithSignatureMethod:kGDataOAuthSignatureMethodHMAC_SHA1
consumerKey:myConsumerKey
privateKey:myConsumerSecret] autorelease];
return auth;
}
then, at startup (awakeFromNib or similar), use that and the keychain data to be ready to authorize fetches:
GDataOAuthAuthentication *auth = [self authForPhiali];
[GDataOAuthWindowController authorizeFromKeychainForName:kMyAppServiceName
authentication:auth];
...
NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:url];
[auth authorizeRequest:request];
Alistair
May 3, 2010, 4:33:30 AM5/3/10
to Google Data APIs Objective-C Client Library Discussion
Hi Greg,
You're an absolute genius! My main issue was that I was using
[GDataOAuthViewControllerTouch
authForGoogleFromKeychainForName:@"app_name"] instead of your sample
of [GDataOAuthViewControllerTouch
authorizeFromKeychainForName:@"app_name" authentication:auth];
I'm now authenticating correctly and managing to call API methods
between re-loads of the application.
Can't thank you enough!
Alistair
You're an absolute genius! My main issue was that I was using
[GDataOAuthViewControllerTouch
authForGoogleFromKeychainForName:@"app_name"] instead of your sample
of [GDataOAuthViewControllerTouch
authorizeFromKeychainForName:@"app_name" authentication:auth];
I'm now authenticating correctly and managing to call API methods
between re-loads of the application.
Can't thank you enough!
Alistair
Reply all
Reply to author
Forward
0 new messages