开发者

oauth on appengine: access issue

问答 作者:

I am having some difficulty accessing resources through OAuth on AppEngine.

My client application (on Linux using python-oauth) is able to retrieve a valid "access token" but when I try to access a protected resource (e.g. user = oauth.get_current_user()) , I get a oauth.OAuthRequestError exception thrown.

headers: {'Content-Length': '21', 'User-Agent': 'musync,gzip(gfe),gzip(gfe)', 'Host': 'services.systemical.com', 'X-Google-Apps-Metadata': 'domain=systemical.com', 'X-Zoo': 'app-id=services-systemical,domain=systemical.com', 'Content-Type': 'application/json', 'Authorization': 'OAuth oauth_nonce="03259912", oauth_timestamp="1282928181", oauth_consumer_key="services.systemical.com", oauth_signature_method="HMAC-SHA1", oauth_version="1.0", oauth_token="1%2Fo0-tcGTfRzkkm449qVxd_8CfCvMcW_0xwL024nO3HgI", oauth_signature="2ojSK6Ws%2BvDxx3Rdlltf53hlI2w%3D"'}

I suspect that the issue might be domain related i.e. I am using an end-point on services.systemical.com whilst I see that AppEngine reports domain=systemical.com for the X-Google-Apps-Metadata.

How do I fix this? Is it a problem with how I am using sub-domains with Apps/AppEngine??

The domain "services.systemical.com" points to (DNS CNAME) my appengine application services-systemical.appspot.com. The domain systemical.com is associated with a Google Apps domain.

Update: Here is the client code I am using:

class OauthClient(object):

    gREQUEST_TOKEN_URL = 'OAuthGetRequestToken'
    gACCESS_TOKEN_URL =  'OAuthGetAccessToken'
    gAUTHOR开发者_JS百科IZATION_URL = 'OAuthAuthorizeToken'

    def __init__(self, server, port, base):
        self.server=server
        self.port=port
        self.base=base
        self.request_token_url=self.base+self.gREQUEST_TOKEN_URL
        self.access_token_url=self.base+self.gACCESS_TOKEN_URL
        self.authorize_token_url=self.base+self.gAUTHORIZATION_URL
        self.connection = httplib.HTTPConnection("%s:%d" % (self.server, self.port))

    def fetch_request_token(self, oauth_request):
        self.connection.request(oauth_request.http_method, self.request_token_url, headers=oauth_request.to_header()) 
        response = self.connection.getresponse()
        print response.status, response.reason
        print response.msg
        return oauth.OAuthToken.from_string(response.read())

    def fetch_access_token(self, oauth_request):
        self.connection.request(oauth_request.http_method, self.access_token_url, headers=oauth_request.to_header()) 
        response = self.connection.getresponse()
        return oauth.OAuthToken.from_string(response.read())

    def authorize_token(self, oauth_request):
        self.connection.request(oauth_request.http_method, oauth_request.to_url()) 
        response = self.connection.getresponse()
        return response.read()

I had a similar problem. Although i can't be more specific (I don't have the code with me) I can tell you that the problem is probably related to the request. Google App Engine is very picky with the request you make.

Try sending the request body empty. For example, this is the usual call:

import httplib
connection = httplib.HTTPSConnection('server.com')
connection.request('POST', REQUEST_TOKEN_URL,body = urlencode(body), headers = {'Authorization': header})

but you should send with an empty body:

connection.request('POST', REQUEST_TOKEN_URL, headers = {'Authorization': header})

The headers have all the information that is needed for OAuth.

继续阅读:google-app-engineoauth

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9