开发者

Developing OAuth for Google apps engine ...Python

RequestError: Unable to upgrade OAuth request token to access token: 400, signature_invalid

base_string:POST&https%3A%2F%2Fwww.google.com%2Faccounts%2FOAuthGetAccessToken&oauth_consumer_key%3Dcalendar-auth.appspot.com%26oauth_nonce%3D646112512717164%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1306760936%26oauth_token%3D4%252F-cP-Ai1NzxDtLehvtzRbGd4SHZ1-%26oauth_verifier%3DPYGMYX8riH9AfpJvTEh_Ztzm%26oauth_version%3D1.0

I am new to google apps development.was trying to implement OAuth in a web application.When i call GetAccessToken() method then it shows the above error.Please help me out frokm this.... I am using the following code... :

class MainHandler(webapp.RequestHandler):
    def get(self):
        CONSUMER_KEY = 'xyz'
        CONSUMER_SECRET = 'xyz'
        SCOPES = ['https://docs.google.com/feeds/', 'https://www.google.com/calendar/feeds/']  # example of a multi-scoped token

        client = gdata.docs.client.DocsClient(source='xyz')

        oauth_callback_url = 'http://%s/get_access_token' % self.request.host
        request_token = client.GetOAuthToken(
            SCOPES, oauth_callback_url, CONSUMER_KEY, consumer_secret=CONSUMER_开发者_StackOverflowSECRET)
        memcache.add("rtoken",request_token,3600)
        domain = 'default'  # If on a Google Apps domain, use your domain (e.g. 'example.com').
        url = str(request_token.generate_authorization_url(google_apps_domain=domain))
        self.redirect(url)

class AuthToken(webapp.RequestHandler):
    def get(self):
        client = gdata.docs.client.DocsClient(source='xyz')
        saved_request_token = memcache.get("rtoken")        
        request_token = gdata.gauth.AuthorizeRequestToken(saved_request_token, self.request.uri)
        self.response.out.write("Got the token")
        access_token = client.GetAccessToken(request_token)


https://www.google.com/accounts/OAuthGetAccessToken
{
oauth_consumer_key=calendar-auth.appspot.com
oauth_nonce=646112512717164
oauth_signature_method=HMAC-SHA1
oauth_timestamp=1306760936
oauth_token=4/-cP-Ai1NzxDtLehvtzRbGd4SHZ1-
oauth_verifier=PYGMYX8riH9AfpJvTEh_Ztzm
oauth_version=1.0
}

I would recommend against posting oauth tokens to the public.

According to http://wiki.oauth.net/w/page/12238555/Signed-Callback-URLs, you should be posting oauth_signature, but I don't see it in the list

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜