Web Images Videos Maps News Shopping Gmail more »
Recently Visited Groups | Help | Sign in
Google Groups Home
OAuth
Home
+ new post
Pages
Files
About this group
Join this group
Message from discussion OAuth support for Google Accounts and Contacts API
The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
 
From:
To:
Cc:
Followup To:
Add Cc | Add Followup-to | Edit Subject
Subject:
Validation:
For verification purposes please type the characters you see in the picture below or the numbers you hear by clicking the accessibility icon. Listen and type the numbers you hear
 
Wei  
View profile  
 More options Jun 26 2008, 8:26 pm
From: Wei <weitu+oa...@google.com>
Date: Thu, 26 Jun 2008 17:26:17 -0700 (PDT)
Local: Thurs, Jun 26 2008 8:26 pm
Subject: Re: OAuth support for Google Accounts and Contacts API
Reply to author | Forward | Print | View thread | Show original | Report this message | Find messages by this author
Just want to let you know that we officially support OAuth for all
Google Data APIs.

http://googledataapis.blogspot.com/2008/06/oauth-for-google-data-apis...

OAuth for Google Data APIs
Thursday, June 26, 2008 at 4:36 PM

Posted by Wei Tu, Google Accounts Team

The Google Data APIs have always been built on open standards, and
today we're proud to announce that all of the Google Data APIs support
OAuth - an open standard for authentication.

You'll now be able to use standard OAuth libraries to write code that
authenticates users to any of the Google Data APIs, such as Google
Calendar Data API, Blogger Data API, Picasa Web Albums Data API, or
Google Contacts Data API. This should reduce the amount of duplicate
code that you need to write, and make it easier for you to write
applications and tools that work with a variety of services from
multiple providers.

See the documentation for the full details on how to use OAuth with
the Google Data APIs.

* OAuth also currently works for YouTube accounts that are linked to a
Google Account when using the YouTube Data API.

Wei

On Jun 18, 5:54 pm, Wei <weitu+oa...@google.com> wrote:

> I will help Alex debug offline.

> On Jun 18, 5:24 pm, "Alex Henderson" <bitterco...@gmail.com> wrote:

> > I'm having a similar problem with 401 responses with code that was working a
> > week ago ... I can request a token, exchange it for an access token etc. but
> > when making requests using the access token I now receive a 401 response..
> > I've tried some of the tips below i.e. switching the schemes to https
> > instead of http for the scope etc.  But it doesn't seem to make a
> > difference, what's wrong with the request I'm making to the protected
> > resource?

> > Here are the requests:

> > GET
> > /accounts/OAuthGetRequestToken?scope=https%3A%2F%2Fwww.google.com%2Fm8%2Ffee
> > ds&oauth_nonce=8a3542c9-e43c-4cdf-ab82-f9e9424fda77&oauth_consumer_key=weit u
> > .googlepages.com&oauth_signature_method=RSA-SHA1&oauth_timestamp=1213834722 &
> > oauth_version=1.0&oauth_token=&oauth_signature=f8lmelPabpvb24GXrsEw9jOZsRsl 7
> > VQUY4Mv%2B%2FPF1oMYg0Y%2BxzcvpCeyjFayfZXM4FYulKoSmswdcHNjJh8eUIKhSsCLpvlo8% 2
> > FAq%2F%2FODdTw9tG%2FYALKeN%2FK6ELMH91i9ZvlMpknD4VimO5dKDe4rNQUWwbnljftFuR1m %
> > 2BhYIA8Y%3D HTTP/1.1

> > -> oauth_token=CMiJx-LdFxDk9-6r-_____8B&oauth_token_secret=

> > GET
> > /accounts/accounts/OAuthAuthorizeToken?scope=https://www.google.com/m8/feeds
> > &oauth_token=CMiJx-LdFxDk9-6r-_____8B HTTP/1.1

> > * grant access *

> > GET
> > /accounts/OAuthGetAccessToken?scope=https%3A%2F%2Fwww.google.com%2Fm8%2Ffeed
> > s&oauth_token=CMiJx-LdFxDk9-6r-_____8B&oauth_nonce=49d793bd-9f3c-4b13-89db- 6
> > a693ab3d5aa&oauth_consumer_key=weitu.googlepages.com&oauth_signature_method =
> > RSA-SHA1&oauth_timestamp=1213834735&oauth_version=1.0&oauth_signature=lldAl a
> > asOsFeddN4%2BpWb3JUr%2B48v0pZTj0nrjyQw1%2FMeUm5mzVzFwM%2BnUfqpmv%2F8h8uMDkG O
> > %2FSSuoGY%2BzolH1evslZZXDin26ZoSkWxYCtgyPvHesPoFSj%2FNbqGEQkMI4AwrWdnVxGW32 L
> > aoSQgfcieD9Psj7TTzIftpes6Jkyc%3D HTTP/1.1

> > ->
> > oauth_token=1%2FAcsGwK8z4zYQzrm7XX6-KmATiaQZnWPB51nTvo8n9Sw&oauth_token_sec r
> > et=

> > GET
> > /m8/feeds/contacts/default/base?scope=https%3A%2F%2Fwww.google.com%2Fm8%2Ffe
> > eds&oauth_token=1%2FAcsGwK8z4zYQzrm7XX6-KmATiaQZnWPB51nTvo8n9Sw&oauth_nonce =
> > 40e7f1bf-bb4c-49b1-8f1d-d27693fa6bd7&oauth_consumer_key=weitu.googlepages.c o
> > m&oauth_signature_method=RSA-SHA1&oauth_timestamp=1213834736&oauth_version= 1
> > .0&oauth_signature=ihwMkduk9CFqqm9rxfn1aXx4eK9HiLhz1U9ULRN%2Butpd2MnUgD%2BU w
> > 2WVaph2tEai7LM8rtlxOgaJmNBegDhgFwOR%2Fvpxfrk4JpLTg1kno21Y4Igo2AIHmgU4MvD39Y 9
> > zd4WB4uoaxPLVlQWCr3WIS2wv9GjqLPhnS%2BzKttD1fqg%3D HTTP/1.1

> > The last request get's a response of:

> > <HTML>
> > <HEAD>
> > <TITLE>Authorization required</TITLE>
> > </HEAD>
> > <BODY BGCOLOR="#FFFFFF" TEXT="#000000">
> > <H1>Authorization required</H1>
> > <H2>Error 401</H2>
> > </BODY>
> > </HTML>

> > I'm sure it's something simple - I just can't spot it.

> > Cheers,

> >  - Alex

> > -----Original Message-----
> > From: oauth@googlegroups.com [mailto:oauth@googlegroups.com] On Behalf Of

> > ckstj...@gmail.com
> > Sent: Tuesday, 3 June 2008 6:26 a.m.
> > To: OAuth
> > Subject: [oauth] Re: OAuth support for Google Accounts and Contacts API

> > On May 26, 6:50 pm, Wei <weitu+oa...@google.com> wrote:
> > > Ben and I resolved this offline.

> > > On May 21, 12:35 am, blweiner <blwei...@gmail.com> wrote:

> > > > I had no problem getting a request token and an access token, but when
> > > > I went to requesthttp://www.google.com/m8/feeds/contacts/default/base
> > > > with the access token, I received a 401 response.

> > > > Is there any reason why I'd have no problem getting the tokens, but
> > > > would have a problem accessing the protected resources?

> > I was experimenting with the Ruby OAuth implementation, and
> > (after some twiddling with the source) managed to get data
> > out of the contacts API.

> > I ended up:

> >  - Switching the scope url to https rather than plain http
> >  (otherwise I got a 401 saying there was an unknown
> >  authorization header)

> >  - Switch the data URL (m8/feeds/contacts/cstjohn%40gmail.com/full)
> >  to use https rather then http (otherwise I got an authsub
> >  has wrong scope error, which seemed fair enough given that I'd
> >  asked for https in the scope)

> >  - Encode the scope URL (as mentioned above)

> > Some of those may have been issues with the Ruby OAuth
> > library (or my hacking of it), but I thought I'd offer it
> > for the benefit of anyone else trying something similar.

> > -cks

> > --
> > Christopher St. John
> > ckstj...@gmail.comhttp://artofsystems.blogspot.com


    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy
©2009 Google