urgent: Implementing signed gadgets.io.makeRequest functionality
3 views
Skip to first unread message
RS
Mar 13, 2008, 1:54:52 AM3/13/08
to Orkut Developer Forum
Hi,
Can anyone help with sample code on how to implement "signed
gadgets.io.makeRequest functionality" in servlets?
Best Regards,
Sreenivas
Can anyone help with sample code on how to implement "signed
gadgets.io.makeRequest functionality" in servlets?
Best Regards,
Sreenivas
Nitin
Mar 13, 2008, 8:52:08 AM3/13/08
to Orkut Developer Forum
Hello Srinivas,
I did the following steps and it seems to work for me
#1) Get the java oauth from http://oauth.googlecode.com - you would
have to install maven, svn and then build it. After building it you
would get core.jar
see the following for more details -
http://groups.google.com/group/oauth/browse_thread/thread/9bbb5cff7b3097ac
Add the core.jar to your class path
#2) To check if a request is signed use the following code - I got it
from another post -
Try {
OAuthServiceProvider provider = new
OAuthServiceProvider(null, null,null);
OAuthConsumer consumer = new OAuthConsumer(null,
"orkut.com", null,provider);
consumer.setProperty(RSA_SHA1.X509_CERTIFICATE,
certificate);
OAuthMessage message = OAuthServlet.getMessage(request,
null);
OAuthAccessor accessor = new OAuthAccessor(consumer);
message.validateSignature(accessor);
return true;
} catch (Exception e) {
//not signed or some other issue
}
#3) Also add the authorization related param on the makeRequest - see
the wiki page for it.
I hope it helps.
- nitin
I did the following steps and it seems to work for me
#1) Get the java oauth from http://oauth.googlecode.com - you would
have to install maven, svn and then build it. After building it you
would get core.jar
see the following for more details -
http://groups.google.com/group/oauth/browse_thread/thread/9bbb5cff7b3097ac
Add the core.jar to your class path
#2) To check if a request is signed use the following code - I got it
from another post -
Try {
OAuthServiceProvider provider = new
OAuthServiceProvider(null, null,null);
OAuthConsumer consumer = new OAuthConsumer(null,
"orkut.com", null,provider);
consumer.setProperty(RSA_SHA1.X509_CERTIFICATE,
certificate);
OAuthMessage message = OAuthServlet.getMessage(request,
null);
OAuthAccessor accessor = new OAuthAccessor(consumer);
message.validateSignature(accessor);
return true;
} catch (Exception e) {
//not signed or some other issue
}
#3) Also add the authorization related param on the makeRequest - see
the wiki page for it.
I hope it helps.
- nitin
RS
Mar 13, 2008, 1:32:27 PM3/13/08
to Orkut Developer Forum
Nitin,
Thank you so much. We will try it out rightaway.
Best Regards,
Sreenivas
On Mar 13, 5:52 pm, Nitin <n.zam...@gmail.com> wrote:
> Hello Srinivas,
> I did the following steps and it seems to work for me
> #1) Get the java oauth fromhttp://oauth.googlecode.com- you would
> > Sreenivas- Hide quoted text -
>
> - Show quoted text -
Thank you so much. We will try it out rightaway.
Best Regards,
Sreenivas
On Mar 13, 5:52 pm, Nitin <n.zam...@gmail.com> wrote:
> Hello Srinivas,
> I did the following steps and it seems to work for me
> have to install maven, svn and then build it. After building it you
> would get core.jar
> see the following for more details -http://groups.google.com/group/oauth/browse_thread/thread/9bbb5cff7b3...
> would get core.jar
>
> - Show quoted text -
dev_app
Mar 19, 2008, 2:57:45 AM3/19/08
to Orkut Developer Forum
Hi Nitin
I tried below mentioned way in my app. But i am getting
signature_invalid. Please let me know how to fix this issue.
At Client Side: (Also i tried with Method as POST)
params[gadgets.io.RequestParameters.AUTHORIZATION] =
gadgets.io.AuthorizationType.SIGNED;
params[gadgets.io.RequestParameters.METHOD] =
gadgets.io.MethodType.GET;
params[gadgets.io.RequestParameters.CONTENT_TYPE] =
gadgets.io.ContentType.JSON;
gadgets.io.makeRequest(my_servlet_url,
myCallBackFun,params);
At Server Side:
String key =
request.getParameter("xoauth_signature_publickey");
consumer.setProperty(RSA_SHA1.X509_CERTIFICATE, "http://
sandbox.orkut.com/46/o/"+key);
Exception in validation::net.oauth.OAuthProblemException:
signature_invalid
net.oauth.OAuthProblemException: signature_invalid
at
net.oauth.signature.OAuthSignatureMethod.validate(OAuthSignatureMetho
d.java:57)
at net.oauth.OAuthMessage.validateSignature(OAuthMessage.java:
233)
thanks
kumar
I tried below mentioned way in my app. But i am getting
signature_invalid. Please let me know how to fix this issue.
At Client Side: (Also i tried with Method as POST)
params[gadgets.io.RequestParameters.AUTHORIZATION] =
gadgets.io.AuthorizationType.SIGNED;
params[gadgets.io.RequestParameters.METHOD] =
gadgets.io.MethodType.GET;
params[gadgets.io.RequestParameters.CONTENT_TYPE] =
gadgets.io.ContentType.JSON;
gadgets.io.makeRequest(my_servlet_url,
myCallBackFun,params);
At Server Side:
String key =
request.getParameter("xoauth_signature_publickey");
OAuthServiceProvider provider = new
OAuthServiceProvider(null, null, null);
OAuthConsumer consumer = new OAuthConsumer(null,
"sandbox.orkut.com", null, provider);
OAuthServiceProvider(null, null, null);
OAuthConsumer consumer = new OAuthConsumer(null,
consumer.setProperty(RSA_SHA1.X509_CERTIFICATE, "http://
sandbox.orkut.com/46/o/"+key);
OAuthMessage message = OAuthServlet.getMessage(request,
null);
OAuthAccessor accessor = new OAuthAccessor(consumer);
message.validateSignature(accessor);
Response:
null);
OAuthAccessor accessor = new OAuthAccessor(consumer);
message.validateSignature(accessor);
Exception in validation::net.oauth.OAuthProblemException:
signature_invalid
net.oauth.OAuthProblemException: signature_invalid
at
net.oauth.signature.OAuthSignatureMethod.validate(OAuthSignatureMetho
d.java:57)
at net.oauth.OAuthMessage.validateSignature(OAuthMessage.java:
233)
thanks
kumar
> Hello Srinivas,
> I did the following steps and it seems to work for me
> #1) Get the java oauth fromhttp://oauth.googlecode.com- you would
> I did the following steps and it seems to work for me
> have to install maven, svn and then build it. After building it you
> would get core.jar
> see the following for more details -http://groups.google.com/group/oauth/browse_thread/thread/9bbb5cff7b3...
> would get core.jar
Nitin
Mar 19, 2008, 10:45:34 AM3/19/08
to Orkut Developer Forum
Hey certificate variable is not the certificate URL but the actual
certificate in the string. For example in my code it is
static String certificate="-----BEGIN CERTIFICATE-----\n" +
"MIIDHDCCAoWgAwIBAgIJAMbTCksqLiWeMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNV\n" +
"BAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIG\n" +
"A1UEChMLR29vZ2xlIEluYy4xDjAMBgNVBAsTBU9ya3V0MQ4wDAYDVQQDEwVscnlh\n" +
"bjAeFw0wODAxMDgxOTE1MjdaFw0wOTAxMDcxOTE1MjdaMGgxCzAJBgNVBAYTAlVT\n" +
"MQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChML\n" +
"R29vZ2xlIEluYy4xDjAMBgNVBAsTBU9ya3V0MQ4wDAYDVQQDEwVscnlhbjCBnzAN\n" +
"BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAseBXZ4NDhm24nX3sJRiZJhvy9eDZX12G\n" +
"j4HWAMmhAcnm2iBgYpAigwhVHtOs+ZIUIdzQHvHeNd0ydc1Jg8e+C
+Mlzo38OvaG\n" +
"D3qwvzJ0LNn7L80c0XVrvEALdD9zrO+0XSZpTK9PJrl2W59lZlJFUk3pV
+jFR8NY\n" +
"eB/fto7AVtECAwEAAaOBzTCByjAdBgNVHQ4EFgQUv7TZGZaI
+FifzjpTVjtPHSvb\n" +
"XqUwgZoGA1UdIwSBkjCBj4AUv7TZGZaI
+FifzjpTVjtPHSvbXqWhbKRqMGgxCzAJ\n" +
"BgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEU\n" +
"MBIGA1UEChMLR29vZ2xlIEluYy4xDjAMBgNVBAsTBU9ya3V0MQ4wDAYDVQQDEwVs\n" +
"cnlhboIJAMbTCksqLiWeMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEA\n" +
"CETnhlEnCJVDXoEtSSwUBLP/
147sqiu9a4TNqchTHJObwTwDPUMaU6XIs2OTMmFu\n" +
"GeIYpkHXzTa9Q6IKlc7Bt2xkSeY3siRWCxvZekMxPvv7YTcnaVlZzHrVfAzqNsTG\n" +
"P3J//C0j+8JWg6G+zuo5k7pNRKDY76GxxHPYamdLfwk=\n" +
"-----END CERTIFICATE-----";
I think it would work once you change the certificate .
- nitin
> > #1) Get the java oauth fromhttp://oauth.googlecode.com-you would
certificate in the string. For example in my code it is
static String certificate="-----BEGIN CERTIFICATE-----\n" +
"MIIDHDCCAoWgAwIBAgIJAMbTCksqLiWeMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNV\n" +
"BAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIG\n" +
"A1UEChMLR29vZ2xlIEluYy4xDjAMBgNVBAsTBU9ya3V0MQ4wDAYDVQQDEwVscnlh\n" +
"bjAeFw0wODAxMDgxOTE1MjdaFw0wOTAxMDcxOTE1MjdaMGgxCzAJBgNVBAYTAlVT\n" +
"MQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChML\n" +
"R29vZ2xlIEluYy4xDjAMBgNVBAsTBU9ya3V0MQ4wDAYDVQQDEwVscnlhbjCBnzAN\n" +
"BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAseBXZ4NDhm24nX3sJRiZJhvy9eDZX12G\n" +
"j4HWAMmhAcnm2iBgYpAigwhVHtOs+ZIUIdzQHvHeNd0ydc1Jg8e+C
+Mlzo38OvaG\n" +
"D3qwvzJ0LNn7L80c0XVrvEALdD9zrO+0XSZpTK9PJrl2W59lZlJFUk3pV
+jFR8NY\n" +
"eB/fto7AVtECAwEAAaOBzTCByjAdBgNVHQ4EFgQUv7TZGZaI
+FifzjpTVjtPHSvb\n" +
"XqUwgZoGA1UdIwSBkjCBj4AUv7TZGZaI
+FifzjpTVjtPHSvbXqWhbKRqMGgxCzAJ\n" +
"BgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEU\n" +
"MBIGA1UEChMLR29vZ2xlIEluYy4xDjAMBgNVBAsTBU9ya3V0MQ4wDAYDVQQDEwVs\n" +
"cnlhboIJAMbTCksqLiWeMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEA\n" +
"CETnhlEnCJVDXoEtSSwUBLP/
147sqiu9a4TNqchTHJObwTwDPUMaU6XIs2OTMmFu\n" +
"GeIYpkHXzTa9Q6IKlc7Bt2xkSeY3siRWCxvZekMxPvv7YTcnaVlZzHrVfAzqNsTG\n" +
"P3J//C0j+8JWg6G+zuo5k7pNRKDY76GxxHPYamdLfwk=\n" +
"-----END CERTIFICATE-----";
I think it would work once you change the certificate .
- nitin
Nitin
Mar 19, 2008, 10:47:24 AM3/19/08
to Orkut Developer Forum
I am not sure if my copy paste worked properly above. Basically its
the certificate text in the string. Load it from a file, or thru
whatever means.
the certificate text in the string. Load it from a file, or thru
whatever means.
aaaaa
Mar 21, 2008, 2:43:41 AM3/21/08
to Orkut Developer Forum
Hi Nitin
Thanks for the update. But still i am getting diffrent error: after
modifying my code [like sending certficate as string]
Please let me know, what's wrong in this.
This is my Server side code:
----------------------------------------
try
{
ByteArrayInputStream in = new
ByteArrayInputStream(CERTIFICATE.getBytes());
CertificateFactory certFac =
CertificateFactory.getInstance("X509");
X509Certificate cert =
(X509Certificate)certFac.generateCertificate(in);
OAuthServiceProvider provider = new
OAuthServiceProvider(null, null, null);
OAuthConsumer consumer = new OAuthConsumer(null,
"orkut.com", null, provider);
OAuthServiceProvider(null, null, null);
OAuthConsumer consumer = new OAuthConsumer(null,
consumer.setProperty(RSA_SHA1.X509_CERTIFICATE,
CERTIFICATE);
OAuthMessage message = OAuthServlet.getMessage(request,
null);
OAuthAccessor accessor = new OAuthAccessor(consumer);
out.print("*** OAuthMessage Params [Before
null);
OAuthAccessor accessor = new OAuthAccessor(consumer);
calling:validateSignature() method] *** ");
for(java.util.Map.Entry param: message.getParameters())
{
out.print("<br>");
out.print("Param Name-->"+param.getKey());
out.print(" ");
out.print("Value-->"+param.getValue());
}
out.print("<br>");
out.print("<HERE>");
out.print(" VALIDATING SIGNATURE ");
out.print("<br>");
message.validateSignature(accessor);
result = true;
out.print("REQUEST STATUS::"+result);
out.print("<br>");
}
catch(OAuthProblemException ope)
{
out.print("<br>");
out.print("OAuthProblemException-->"+ope.getProblem());
}
And When i execute & got below output
---------------------------------------------------------
--------------------------------------------------------
*** OAuthMessage Params [Before calling:validateSignature() method]
***
Param Name-->opensocial_ownerid Value-- >00611319245665564774
Param Name-->oauth_signature Value-->PK9mTYeIoav4onvmzlC49hlG3e6AXJscH
lqJpnFFUKt2OVoPzoNH653E2VIMVfrXFJkthJuYJ8MTRriva6a7qIlwMw6CNgjRDYK0iBC86OefnaoqSrIB82pUmFCPKofB7cNWM3N97V4Ay4bhccpSzmO88rp1LGzQE52h71WMn48
=
Param Name-->oauth_nonce Value-->41f92a56fccffc13
Param Name-->opensocial_appid Value-- >14870803059808603830
Param Name-->xoauth_signature_publickey Value-->pub.
1199819524.-1556113204990931254 .cer
Param Name-->oauth_signature_method Value-->RSA-SHA1
Param Name-->oauth_consumer_key Value-->orkut.com
Param Name-->opensocial_viewerid Value-->00611319245665564774
Param Name-->oauth_token Value-->
Param Name-->oauth_timestamp Value-->1206081149
VALIDATING SIGNATURE
OAuthProblemException-->signature_invalid
> > > > from another post -
> > > > Try {
> > > > OAuthServiceProvider provider = new
> > > > OAuthServiceProvider(null, null,null);
> > > > OAuthConsumer consumer = new OAuthConsumer(null,
> > > > "orkut.com", null,provider);
> > > > consumer.setProperty(RSA_SHA1.X509_CERTIFICATE,
> > > > certificate);
> > > > OAuthMessage message = OAuthServlet.getMessage(request,
> > > > null);
> > > > OAuthAccessor accessor = new OAuthAccessor(consumer);
> > > > message.validateSignature(accessor);
> > > > return true;
> > > > } catch (Exception e) {
> > > > //notsignedor some other issue
> > > > Try {
> > > > OAuthServiceProvider provider = new
> > > > OAuthServiceProvider(null, null,null);
> > > > OAuthConsumer consumer = new OAuthConsumer(null,
> > > > "orkut.com", null,provider);
> > > > consumer.setProperty(RSA_SHA1.X509_CERTIFICATE,
> > > > certificate);
> > > > OAuthMessage message = OAuthServlet.getMessage(request,
> > > > null);
> > > > OAuthAccessor accessor = new OAuthAccessor(consumer);
> > > > message.validateSignature(accessor);
> > > > return true;
> > > > } catch (Exception e) {
> > > > }
>
> > > > #3) Also add the authorization related param on the makeRequest - see
> > > > the wiki page for it.
>
> > > > I hope it helps.
>
> > > > - nitin
>
> > > > On Mar 13, 10:54 am, RS <rsde...@gmail.com> wrote:
>
> > > > > Hi,
>
> > > > > Can anyone help with sample code on how to implement "signed
> > > > > gadgets.io.makeRequest functionality" in servlets?
>
> > > > > Best Regards,
>
>
> > > > #3) Also add the authorization related param on the makeRequest - see
> > > > the wiki page for it.
>
> > > > I hope it helps.
>
> > > > - nitin
>
> > > > On Mar 13, 10:54 am, RS <rsde...@gmail.com> wrote:
>
> > > > > Hi,
>
> > > > > Can anyone help with sample code on how to implement "signed
> > > > > gadgets.io.makeRequest functionality" in servlets?
>
> > > > > Best Regards,
>
verma6uc
Mar 24, 2008, 6:26:07 AM3/24/08
to Orkut Developer Forum
I am also getting the same error please help!
Reply all
Reply to author
Forward
0 new messages