Developing OAuth for Google apps engine ...Python
RequestError: Unable to upgrade OAuth request token to access token: 400, signature_invalid
base_string:POST&https%3A%2F%2Fwww.google.com%2Faccounts%2FOAuthGetAccessToken&oauth_consumer_key%3Dcalendar-auth.appspot.com%26oauth_nonce%3D646112512717164%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1306760936%26oauth_token%3D4%252F-cP-Ai1NzxDtLehvtzRbGd4SHZ1-%26oauth_verifier%3DPYGMYX8riH9AfpJvTEh_Ztzm%26oauth_version%3D1.0
I am new to google apps development.was trying to implement OAuth in a web application.When i call GetAccessToken() method then it shows the above error.Please help me out frokm this.... I am using the following code... :
class MainHandler(webapp.RequestHandler):
def get(self):
CONSUMER_KEY = 'xyz'
CONSUMER_SECRET = 'xyz'
SCOPES = ['https://docs.google.com/feeds/', 'https://www.google.com/calendar/feeds/'] # example of a multi-scoped token
client = gdata.docs.client.DocsClient(source='xyz')
oauth_callback_url = 'http://%s/get_access_token' % self.request.host
request_token = client.GetOAuthToken(
SCOPES, oauth_callback_url, CONSUMER_KEY, consumer_secret=CONSUMER_开发者_StackOverflowSECRET)
memcache.add("rtoken",request_token,3600)
domain = 'default' # If on a Google Apps domain, use your domain (e.g. 'example.com').
url = str(request_token.generate_authorization_url(google_apps_domain=domain))
self.redirect(url)
class AuthToken(webapp.RequestHandler):
def get(self):
client = gdata.docs.client.DocsClient(source='xyz')
saved_request_token = memcache.get("rtoken")
request_token = gdata.gauth.AuthorizeRequestToken(saved_request_token, self.request.uri)
self.response.out.write("Got the token")
access_token = client.GetAccessToken(request_token)
https://www.google.com/accounts/OAuthGetAccessToken
{
oauth_consumer_key=calendar-auth.appspot.com
oauth_nonce=646112512717164
oauth_signature_method=HMAC-SHA1
oauth_timestamp=1306760936
oauth_token=4/-cP-Ai1NzxDtLehvtzRbGd4SHZ1-
oauth_verifier=PYGMYX8riH9AfpJvTEh_Ztzm
oauth_version=1.0
}
I would recommend against posting oauth tokens to the public.
According to http://wiki.oauth.net/w/page/12238555/Signed-Callback-URLs, you should be posting oauth_signature, but I don't see it in the list
精彩评论