Re: Poster and Identity v1
Gregg Reno
- Gregg
Jimmy Zimmerman <Zimme...@familysearch.org> wrote:
>Hi Greg,
>
>I can't nail down anything wrong in the code. If you won't be releasing a product before May, you may want to stick with Identity v1, which is far simpler than the v2 stuff and would get you past this authentication hurdle more quickly. It is possible that a new authentication mechanism will be introduced for Identity v2 which would be more similar to the Identity v1 mechanism. This would be available for mobile and desktop apps, and would work with the new CIS credentials.
>
>--
>Jimmy
>
>
>On Apr 2, 2010, at 6:41 AM, Gregg Reno wrote:
>
>The problem with having to go to a web page to authenticate means that I have to pass control to the external web browser. So, I can't see the headers. I'll just get a notification back once the user is authenticated.
>
>Here is how I get my consumer token, which seems to work fine:
>private void GetConsumerToken()
> {
> String url = serverName + IDENTITY_REQUEST_TOKEN;
> String sTimestamp = String.valueOf(System.currentTimeMillis() / 1000);
> HttpClient httpclient = new DefaultHttpClient();
>
> // Prepare a request object
> HttpGet httpget = new HttpGet("http://www.dev.usys.org/identity/v2/request_token?oauth_consumer_key=(my dev key here)&oauth_nonce=123456789&oauth_signature_method=PLAINTEXT&oauth_signature=%26&agent=Android&oauth_timestamp="<http://www.dev.usys.org/identity/v2/request_token?oauth_consumer_key=(mydevkeyhere)&oauth_nonce=123456789&oauth_signature_method=PLAINTEXT&oauth_signature=%26&agent=Android&oauth_timestamp=> + sTimestamp);
> HttpPost httppost = new HttpPost(url);
>
> // Execute the request
> HttpResponse response;
> try {
>
> response = httpclient.execute(httpget);
>
> // Examine the response status
> DebugMsg("status = " + response.getStatusLine().toString());
>
> // Get hold of the response entity
> HttpEntity entity = response.getEntity();
> // If the response does not enclose an entity, there is no need
> // to worry about connection release
>
> if (entity != null) {
>
> // A Simple JSON Response Read
> InputStream instream = entity.getContent();
> String result= convertStreamToString(instream);
> DebugMsg("Result =" + result);
>
> oauthConsumerToken = result.substring(result.indexOf("oauth_token=") + 12);
> oauthConsumerToken = oauthConsumerToken.substring(0, oauthConsumerToken.indexOf("&"));
> oauthTokenSecret = result.substring(result.indexOf("oauth_token_secret=") + 19);
> oauthTokenSecret = oauthTokenSecret.substring(0, oauthTokenSecret.indexOf("&"));
> }
>
> }
>I successfully get my consumer token and secret token, then call this, which is where my problem is:
> OAuthAccessor defaultClient() {
> String callbackUrl = "reno-familysearch:///";
> OAuthServiceProvider provider = defaultProvider();
> OAuthConsumer consumer = new OAuthConsumer(callbackUrl, oauthConsumerToken, oauthTokenSecret, provider);
>
> OAuthAccessor accessor = new OAuthAccessor(consumer);
> OAuthClient client = new OAuthClient(new HttpClient4());
> return accessor;
> }
>Thanks,
>-Gregg
>
>
>Jimmy Zimmerman wrote:
>Hi Gregg,
>
>Am I correct in assuming that the only way to authenticate is to show the user a web page and have them type in their username and password? I would rather store that for them in a preference file and log them in automatically.
>
>Unless the policy changes at FamilySearch, credentials cannot be stored in an application. Therefore, it does require a web page for a typed username and password.
>
>Also, I get to the point where the username and password screen is displayed. If I enter my "api-user-2120" user id and password, I get a message "The session has timed out or is invalid. Unable to continue authentication". But if I put in a bogus username and password, I get "the username or password is incorrect". Any ideas?
>
>A session should only timeout after 25 minutes of inactivity, so this seems strange. It is possible that there is a bug on our end, but I haven't seen this yet. Do you get this error every time you go through the entire OAuth process? Are there any HTTP headers in the response that you can log/share?
>
>--
>Jimmy
>
>On Mar 29, 2010, at 6:15 PM, Gregg Reno wrote:
>
>Well, I am trying to figure out this oAuth process and am really struggling.
>
>Am I correct in assuming that the only way to authenticate is to show the user a web page and have them type in their username and password? I would rather store that for them in a preference file and log them in automatically.
>
>Also, I get to the point where the username and password screen is displayed. If I enter my "api-user-2120" user id and password, I get a message "The session has timed out or is invalid. Unable to continue authentication". But if I put in a bogus username and password, I get "the username or password is incorrect". Any ideas?
>
>Thanks,
>-Gregg
>
>
>
>
>Jimmy Zimmerman wrote:
>You may want to start with Identity v1 for development, although currently FamilySearch is only certifying new apps on Identity v2.
>
>Identity v1 is pretty simple to use. Simply make a GET request on the /identity/v1/login property and use the "header" method on the WebResource to add
>
>Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
>
>
>The header name is "Authorization" and the value will be "Basic {Base64 encoding of 'username:password'"
>
>Or, if you want to go the Identity v2 route, this looks like a good tutorial since it is just standard OAuth.
>
>http://donpark.org/blog/2009/01/24/android-client-side-oauth
>
>--
>Jimmy
>
>On Mar 23, 2010, at 2:14 PM, Gregg Reno wrote:
>
>OK, thanks for the link - that helps. I was referring to Identity V2 since that seems to be the starting point for all access.
>-Gregg
>
>Jimmy Zimmerman wrote:
>Which V1 are you referring to (Identity v1? FamilyTree v1?)? The FamilyTree module should have code for FamilyTree v2.
>
>The code gives only serialization/parsing functionality, XML-> Java Objects -> XML. You should use Jersey for doing the actual web requests:
>
>http://blogs.sun.com/enterprisetechtips/entry/consuming_restful_web_services_with
>
>--
>Jimmy
>
>
>On Mar 23, 2010, at 1:40 PM, Gregg Reno wrote:
>
>I see the jar file there for V1, but don't see any documentation on how to use it.
>
>-Gregg
>
>Jimmy Zimmerman wrote:
>No Android specific sample code that I know of yet. There is Java code for all of the serializing/parsing stuff. I believe it is to be used with the Jersey client library. Would this work with Android?
>
>https://devnet.familysearch.org/downloads/sample-code/sample-clients
>
>We should start a project for sample code. Anyone want to start a project on Google Code? Or somewhere else? My Ruby library is out on Github.com<http://Github.com/>, but I don't know if that's where Android/Java developers hang out.
>
>--
>Jimmy
>
>On Mar 23, 2010, at 12:10 PM, Gregg Reno wrote:
>
>Thanks Jimmy - that worked. I had been using the www.dev.usys.org<http://www.dev.usys.org/> link previously, but somehow pasted the production link in by mistake.
>
>Two other questions for you:
>
> * My timestamp was rejected, but the server gave me a correct range to use. After using a number in that range, it worked. Maybe this site http://www.unixtimestamp.com/index.php has it's clock set differently than the reference system server? If so, do I need to somehow compensate for the time difference?
> * Is there any Android source code I can use as a starting point? Just looking for something basic like the authentication and a name lookup. It would save some time.
>
>Thanks,
>
>-Gregg
>
>Jimmy Zimmerman wrote:
>
>Hi Greg,
>
>My guess is that you don't yet have a Production System developer key, so the developer key you have would be valid on the Reference System only.
>
>The URL you would use for the Reference System would be:
>
>http://www.dev.usys.org/identity/v2/request_token?oauth_consumer_key=xxxx-xxxx-xxxx-xxxx-xxxx-xxxx-xxxx-xxxx&oauth_nonce=123456789&oauth_signature_method=PLAINTEXT&oauth_signature=%26&oauth_timestamp=1269366087&agent=Android
>
>Everything else in your request looks correct.
>
>--
>Jimmy
>
>On Mar 23, 2010, at 11:23 AM, FamTreeArborist wrote:
>
>
>
>Greg and group. You should have authority to post questions on this
>group. Here is a posting from our newest member Greg Reno. My answer
>is that there is a V1 and V2 for identity use VI Identity for Poster.
>What do you think Jimmy?
>
>---, I'm trying to get started by first using Poster with the V2
>spec. However, I am not able to do the first step, which I believe is
>to get a token. Here is my URL in Poster:
>
>https://api.familysearch.org/identity/v2/request_token?oauth_consumer_key=xxxx-xxxx-xxxx-xxxx-xxxx-xxxx-xxxx-xxxx&oauth_nonce=123456789&oauth_signature_method=PLAINTEXT&oauth_signature=%26&oauth_timestamp=1269366087&agent=Android
>
>(Note that I substitute xxxx-xxxx-xxxx-xxxx-xxxx-xxxx-xxxx-xxxx for my
>developer key)
>
>When I click the Get button, I get a 401 Unauthorized error. I got the
>timestamp from http://www.unixtimestamp.com/index.php which should
>give me the right unix value.
>
>I found the instructions on using Poster, but its for the V1 spec.
>
>Thanks,
>-Gregg Reno
>
>To unsubscribe from this group, send email to fs-android+unsubscribegooglegroups.com or reply to this email with the words "REMOVE ME" as the subject.
>
>
>
>
> NOTICE: This email message is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message.
>
>
>To unsubscribe from this group, send email to fs-android+unsubscribegooglegroups.com or reply to this email with the words "REMOVE ME" as the subject.
>
>
>To unsubscribe from this group, send email to fs-android+unsubscribegooglegroups.com or reply to this email with the words "REMOVE ME" as the subject.
>
>To unsubscribe from this group, send email to fs-android+unsubscribegooglegroups.com or reply to this email with the words "REMOVE ME" as the subject.
>
>To unsubscribe from this group, send email to fs-android+unsubscribegooglegroups.com or reply to this email with the words "REMOVE ME" as the subject.
>
>To unsubscribe from this group, send email to fs-android+unsubscribegooglegroups.com or reply to this email with the words "REMOVE ME" as the subject.
>
>To unsubscribe from this group, send email to fs-android+unsubscribegooglegroups.com or reply to this email with the words "REMOVE ME" as the subject.
>
>To unsubscribe from this group, send email to fs-android+unsubscribegooglegroups.com or reply to this email with the words "REMOVE ME" as the subject.
>
>To unsubscribe from this group, send email to fs-android+unsubscribegooglegroups.com or reply to this email with the words "REMOVE ME" as the subject.
>
>