NetTalk Central

Author Topic: Google API Authentication (2 Legged OAuth implementation)  (Read 7515 times)

Stu

  • Hero Member
  • *****
  • Posts: 510
    • View Profile
    • Email
Google API Authentication (2 Legged OAuth implementation)
« on: July 29, 2012, 04:42:50 PM »
Hi Folks,

I've created a window + Nettalk ThisWebClient proc that attempts to interact with the Google API using 2-legged OAuth implementation (https://developers.google.com/accounts/docs/OAuth#GoogleAppsOAuth).

Am missing something vital, not able to get past the initial bad header errors.

Just wondering if there's anyone else who has gotten this working?
Cheers,

Stu Andrews

bshields

  • Sr. Member
  • ****
  • Posts: 392
    • View Profile
    • Inhabit
    • Email
Re: Google API Authentication (2 Legged OAuth implementation)
« Reply #1 on: July 29, 2012, 06:45:59 PM »
Hey Stu!

Hows it going?

I have google auth working using oAuth and NT. I was doing google contact, calendar Sync'ing.

I had to hack NT to support more than just POST & GET in the HTTP spec.

Sounds like that were you are up to.

Regards
Bill

Stu

  • Hero Member
  • *****
  • Posts: 510
    • View Profile
    • Email
Re: Google API Authentication (2 Legged OAuth implementation)
« Reply #2 on: July 29, 2012, 10:57:44 PM »
Double hey Bill!

Yeah, pretty much I think.

Asked the question on StackOverflow - that's how desperate I was :)

http://stackoverflow.com/questions/11644035/google-authorization-header-incorrect-401-error

That might give you more of an idea just how clueless I am with this. Missing some vital (no doubt simple) piece of code.
Cheers,

Stu Andrews

Larry Sand

  • Full Member
  • ***
  • Posts: 101
    • View Profile
Re: Google API Authentication (2 Legged OAuth implementation)
« Reply #3 on: July 30, 2012, 06:01:56 AM »
Stu, this should be close to what you need: http://msdn.microsoft.com/en-us/library/aa382379(v=vs.85)

Larry Sand

Stu

  • Hero Member
  • *****
  • Posts: 510
    • View Profile
    • Email
Re: Google API Authentication (2 Legged OAuth implementation)
« Reply #4 on: July 30, 2012, 03:02:57 PM »
Hey Larry, thanks for the link!

Actually, pretty sure Cryptonite is going to be able to help me out. Can't believe I didn't think about that earlier.
Cheers,

Stu Andrews

bshields

  • Sr. Member
  • ****
  • Posts: 392
    • View Profile
    • Inhabit
    • Email
Re: Google API Authentication (2 Legged OAuth implementation)
« Reply #5 on: July 30, 2012, 04:45:22 PM »
Hi Stu,

Did a little reading and my issues with Google sync revolved around FETCH, UPDATE and DELETE which are part of the HTTP standard but not supported by NetTalk. I needed these as part of the sync function. So my comments were useless.... oops

My Google stuff does require OAuth Authentication, whereas you're is using 2-legged, which essentially doesn't.

All of this i'm sure you have figured out. So as you have do the HMAC-SHA1 encryption of URL/POST and it should work :)

Regards
Bill

Stu

  • Hero Member
  • *****
  • Posts: 510
    • View Profile
    • Email
Re: Google API Authentication (2 Legged OAuth implementation)
« Reply #6 on: July 30, 2012, 09:15:25 PM »
Heya Bill,

Yeah, it was the actual encrypting of the secret that I was missing. My first instinct was to just whack the secret in as it is. Bad mojo!
Cheers,

Stu Andrews

Stu

  • Hero Member
  • *****
  • Posts: 510
    • View Profile
    • Email
Re: Google API Authentication (2 Legged OAuth implementation)
« Reply #7 on: August 05, 2012, 04:03:36 PM »
Haven't managed to get this solved yet.

The problem seems to be getting a HMAC hash of  the "Secret" value.

Currently am trying to replicate the examples here (http://en.wikipedia.org/wiki/Hash-based_message_authentication_code#Examples_of_HMAC_.28MD5.2C_SHA1.2C_SHA256.29), so that I can know that I'm getting the right HMAC hash result.
Cheers,

Stu Andrews

kevin plummer

  • Hero Member
  • *****
  • Posts: 1195
    • View Profile
    • Production Accounting and Software Payroll
Re: Google API Authentication (2 Legged OAuth implementation)
« Reply #8 on: November 29, 2012, 08:27:27 PM »
Stu did you ever get this working? I'm doing some research on OAuth as I want to connect with "Xero" and came across your post. Inspecting your code I noticed your nonce and timestamp were not formatted but I'm sure you already figured that out. Any pointers welcome...

Stu

  • Hero Member
  • *****
  • Posts: 510
    • View Profile
    • Email
Re: Google API Authentication (2 Legged OAuth implementation)
« Reply #9 on: December 03, 2012, 03:35:53 PM »
Hi Kevin,

1. Formatted? Yowza .. Didn't even occur to me. Stupid brain.

2. Haven't gotten 2-legged going yet. Taken the first step and gotten a simple oauth working in our Gmail contextual gadget.

Next section of work will require me to get the 2-legged going, so I'm hoping to get into it soon (hopefully before, but probably after new years).

P.S. Early next year I'll be integrating with Xero also! We should trade notes.
Cheers,

Stu Andrews