All geek questions in one place

OAuth with Google Data API for .NET returning HTTP 400: Bad Request

I am trying to get OAuth to work with the .NET library for the Google Data API. Unfortunately, whenever I call GetUnauthorizedRequestToken, I get a 400 Bad Response error. Here is my code ...

OAuthParameters parameters = new OAuthParameters() { ConsumerKey = DOMAIN_NAME, ConsumerSecret = SECRET_KEY, Scope = "https://docs.google.com/feeds/", Callback = Request.RawUrl, SignatureMethod = "HMAC-SHA1" }; OAuthUtil.GetUnauthorizedRequestToken(parameters);

As far as I know, I correctly follow the instructions here: http://code.google.com/apis/gdata/docs/auth/oauth.html

Any help with this issue would be greatly appreciated!

EDIT: 9/10/2011 11:56 PM PST

First of all, many thanks for the comments!

So, I played around a bit and got an unauthorized request token, but OAuth still doesn't work ... here is a more complete code dump: - \

 string token = Request["oauth_token"]; if (!String.IsNullOrEmpty(token)) { OAuthParameters tParams = new OAuthParameters() { ConsumerKey = DOMAIN_NAME, ConsumerSecret = SECRET_KEY, Scope = S_SCOPE, Callback = S_CALLBACK, SignatureMethod = "HMAC-SHA1" }; tParams.Verifier = Request["oauth_verifier"]; tParams.Token = token; try { // http://code.google.com/apis/gdata/docs/auth/oauth.html // 1. Extract token from the callback URL //OAuthUtil.UpdateOAuthParametersFromCallback(Request.Url.Query, parameters); // 2. Upgrade to an access token OAuthUtil.GetAccessToken(tParams); string accessToken = tParams.Token; string accessTokenSecret = tParams.TokenSecret; Session["sp"] = tParams; // don't worry, we don't even get here yet return RedirectToAction("List"); } catch (System.Net.WebException ex) { // print out tons of stuff (removed for sanity) } //... and start over again } try { OAuthParameters parameters = new OAuthParameters() { ConsumerKey = DOMAIN_NAME, ConsumerSecret = SECRET_KEY, Scope = S_SCOPE, Callback = S_CALLBACK, SignatureMethod = "HMAC-SHA1" }; OAuthUtil.GetUnauthorizedRequestToken(parameters); string approvalPageUrl = OAuthUtil.CreateUserAuthorizationUrl(parameters); ViewBag.AuthUrl = approvalPageUrl; } catch (System.Net.WebException ex) { // print out more stuff }

and this is the error that I see (slightly modified to delete sensitive data, however, I left all the characters as they are in case someone thinks this is an encoding error):

 X-Content-Type-Options = nosniff X-XSS-Protection = 1; mode=block Content-Length = 386 Cache-Control = private, max-age=0 Content-Type = text/plain; charset=UTF-8 Date = Sun, 11 Sep 2011 06:53:26 GMT Expires = Sun, 11 Sep 2011 06:53:26 GMT Server = GSE /accounts/OAuthGetAccessToken signature_invalid base_string:GET&https%3A%2F%2Fwww.google.com%2Faccounts%2FOAuthGetAccessToken&oauth_consumer_key%3Dmydomain.com%26oauth_nonce%3D4432dc4bd59b4ea0b133ea52cb450062%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1315724016%26oauth_token%3D4%252FGeEWOLvQL_eGlj8zAdrzi7YPhmhS%26oauth_verifier%3DMkGYPy8qeZPRg7gLKKXsYIiM%26oauth_version%3D1.0 Callback = http://mydomain.com/auth ConsumerKey = mydomain.com ConsumerSecret = RxGavGhuXi92sy3F-Q3DKcY_ Nonce = 4430dc4bd59b4ea3b133ea52cb450062 Scope = https://docs.google.com/feeds SignatureMethod = HMAC-SHA1 Timestamp = 1315724016 Token = 4/GeAWOLvQL_eGlj1zEerzi7YPhmhS TokenSecret = Verifier = MkXLPy8qeZARq7aLKXKsYIiM 2F% 2Fwww.google.com% 2Faccounts% 2FOAuthGetAccessToken & oauth_consumer_key% 3Dmydomain.com% 26oauth_nonce% 3D4432dc4bd59b4ea0b133ea52cb450062% 26oauth_signature_method% 3DHMAC-SHA1% 26oauth_timestamp% 3D1315724016% 26oauth_token% 3D4% 252FGeEWOLvQL_eGlj8zAdrzi7YPhmhS% 26oauth_verifier% 3DMkGYPy8qeZPRg7gLKKXsYIiM% 26oauth_version% 3D1. X-Content-Type-Options = nosniff X-XSS-Protection = 1; mode=block Content-Length = 386 Cache-Control = private, max-age=0 Content-Type = text/plain; charset=UTF-8 Date = Sun, 11 Sep 2011 06:53:26 GMT Expires = Sun, 11 Sep 2011 06:53:26 GMT Server = GSE /accounts/OAuthGetAccessToken signature_invalid base_string:GET&https%3A%2F%2Fwww.google.com%2Faccounts%2FOAuthGetAccessToken&oauth_consumer_key%3Dmydomain.com%26oauth_nonce%3D4432dc4bd59b4ea0b133ea52cb450062%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1315724016%26oauth_token%3D4%252FGeEWOLvQL_eGlj8zAdrzi7YPhmhS%26oauth_verifier%3DMkGYPy8qeZPRg7gLKKXsYIiM%26oauth_version%3D1.0 Callback = http://mydomain.com/auth ConsumerKey = mydomain.com ConsumerSecret = RxGavGhuXi92sy3F-Q3DKcY_ Nonce = 4430dc4bd59b4ea3b133ea52cb450062 Scope = https://docs.google.com/feeds SignatureMethod = HMAC-SHA1 Timestamp = 1315724016 Token = 4/GeAWOLvQL_eGlj1zEerzi7YPhmhS TokenSecret = Verifier = MkXLPy8qeZARq7aLKXKsYIiM
0
source share
1 answer

I struggled with this and was able to build my own MVC2 class to handle the whole process. Take a look and let me know if this helps you.

 public class GoogleController : ApplicationController { // // GET: /Google/ public ActionResult Index() { return View(); } public ActionResult Authorize() { OAuthParameters parameters = BuildParameters(); // build the token for unauthorized requests and generate the url GetUnauthorizedRequestToken(parameters); string authorizationUrl = OAuthUtil.CreateUserAuthorizationUrl(parameters); // store the parameters temporarily and redirect to google for authorization SaveParametersTokens(parameters); Response.Redirect(authorizationUrl); return View(); } public ActionResult Oauth() { // retrieve and update the tokens for temporary authentication OAuthParameters parameters = BuildParameters(); OAuthUtil.UpdateOAuthParametersFromCallback(Request.Url.Query, parameters); // finally, get the token we need b@ #$!!! OAuthUtil.GetAccessToken(parameters); // save those tokens into the database SaveParametersTokens(parameters); // all the success in the world, return back return RedirectToAction("Index", "Admin"); } public ActionResult DeleteParametersTokens() { var oldTokens = (from t in context.GO_GoogleAuthorizeTokens select t); // if there is a token, call google to remove it /*if (oldTokens.Count() > 0) { GO_GoogleAuthorizeToken tokens = oldTokens.First(); AuthSubUtil.revokeToken(tokens.Token, null); }*/ // delete the tokens from the database context.GO_GoogleAuthorizeTokens.DeleteAllOnSubmit(oldTokens); context.SubmitChanges(); // redirect to the administrator homepage when the tokens are deleted return RedirectToAction("Index", "Admin"); } #region private helper methods private void GetUnauthorizedRequestToken(OAuthParameters parameters) { String requestTokenUrl = "https://www.google.com/accounts/OAuthGetRequestToken"; Uri requestUri = new Uri(string.Format("{0}?scope={1}", requestTokenUrl, OAuthBase.EncodingPerRFC3986(parameters.Scope))); // callback is only needed when getting the request token bool callbackExists = false; if (!string.IsNullOrEmpty(parameters.Callback)) { parameters.BaseProperties.Add(OAuthBase.OAuthCallbackKey, parameters.Callback); callbackExists = true; } string headers = OAuthUtil.GenerateHeader(requestUri, "GET", parameters); System.Net.WebRequest request = System.Net.WebRequest.Create(requestUri); request.Headers.Add(headers); System.Net.WebResponse response = request.GetResponse(); string result = ""; if (response != null) { System.IO.Stream responseStream = response.GetResponseStream(); System.IO.StreamReader reader = new System.IO.StreamReader(responseStream); result = reader.ReadToEnd(); } if (callbackExists) { parameters.BaseProperties.Remove(OAuthBase.OAuthCallbackKey); } // split results and update parameters SortedDictionary<string, string> responseValues = OAuthBase.GetQueryParameters(result); parameters.Token = responseValues[OAuthBase.OAuthTokenKey]; parameters.TokenSecret = responseValues[OAuthBase.OAuthTokenSecretKey]; } private bool SaveParametersTokens(OAuthParameters parameters) { try { // first delete any old ones var oldTokens = (from t in context.GO_GoogleAuthorizeTokens select t); context.GO_GoogleAuthorizeTokens.DeleteAllOnSubmit(oldTokens); context.SubmitChanges(); // now create a new one GO_GoogleAuthorizeToken newToken = new GO_GoogleAuthorizeToken { Token = parameters.Token, TokenSecret = parameters.TokenSecret }; context.GO_GoogleAuthorizeTokens.InsertOnSubmit(newToken); context.SubmitChanges(); } catch { return false; } return true; } private OAuthParameters BuildParameters() { // build the base parameters string scope = "https://www.google.com/calendar/feeds/ https://docs.google.com/feeds/ https://mail.google.com/mail/feed/atom/"; string callback = String.Format("http://{0}/Google/Oauth", Request.Url.Authority); OAuthParameters parameters = new OAuthParameters { ConsumerKey = kConsumerKey, ConsumerSecret = kConsumerSecret, Scope = scope, Callback = callback, SignatureMethod = "HMAC-SHA1" }; // check to see if we have saved tokens var tokens = (from a in context.GO_GoogleAuthorizeTokens select a); if (tokens.Count() > 0) { GO_GoogleAuthorizeToken token = tokens.First(); parameters.Token = token.Token; parameters.TokenSecret = token.TokenSecret; } return parameters; } #endregion }
+3
source

Source: https://habr.com/ru/post/885546/

More articles:


All Articles