Google OAuth with Indy in Delphi

StackOverflow https://stackoverflow.com/questions/1570225

  •  21-09-2019
  •  | 
  •  

Question

I am using Indy10 with Delphi and trying to get Google's OAuth to work. The first step is to make a request to the OAuthGetRequestToken method. The code below returns a 400 error. Any help would be greatly appreciated. 

procedure TForm1.Button1Click(Sender: TObject);
    var
      IdHTTP: TIdHTTP;
      IdSSLIOHandlerSocket1: TIdSSLIOHandlerSocketOpenSSL;
      Params: TStringList;
      mString: String;
    begin
      Params := tstringlist.create;
      IdSSLIOHandlerSocket1 := TIdSSLIOHandlerSocketOpenSSL.create(nil);
      IdHTTP := TIdHTTP.create(nil);

      with IdSSLIOHandlerSocket1 do begin
        SSLOptions.Method := sslvSSLv3;
        SSLOptions.Mode :=  sslmUnassigned;
        SSLOptions.VerifyMode := [];
        SSLOptions.VerifyDepth := 2;
      end;
      with IdHTTP do begin
        IOHandler := IdSSLIOHandlerSocket1;
        ReadTimeout := 0;
        AllowCookies := True;
        ProxyParams.BasicAuthentication := False;
        ProxyParams.ProxyPort := 0;
        Request.ContentLength := -1;
        Request.ContentRangeEnd := 0;
        Request.ContentRangeStart := 0;
        Request.ContentType := 'application/x-www-form-urlencoded';
        request.host := 'https://www.google.com';
        Request.Accept := 'text/html, */*';

        Request.BasicAuthentication := False;
        Request.UserAgent := 'Mozilla/3.0 (compatible; Indy Library)';
        HTTPOptions := [hoForceEncodeParams];
      end;
      Params.Add('scope=https://www.google.com/analytics/feeds/');
      Params.Add('oauth_consumer_key=anonymous');
      Params.Add('oauth_signature_method=HMAC-SHA1');
      Params.Add('oauth_signature=wOJIO9A2W5mFwDgiDvZbTSMK%2FPY%3D');
      Params.Add('oauth_timestamp=137131200');
      Params.Add('oauth_nonce=4572616e48616d6d65724c61686176');
      showmessage(HTTPDecode(IdHTTP.Post('https://www.google.com/accounts/OAuthGetRequestToken',Params)));

    end;
Was it helpful?

Solution

Look at the response DataString (where the Exception is raised), it will give you a more detail reason for the problem.
For instance, trying with your code, I first got a "timestamp too far from current time", then after updating the oauth_timestamp, I got an "Invalid Signature"...

OTHER TIPS

Check if you get a return message in the response header, too, besides the 400. Most web services provide some kind of textual description on what is going wrong.

Also verify that the OpenSSL library is actually loaded, otherwise Indy might fallback to unencoded communication, which the server might not accept.

Try routing your request through HTTP Fiddler.

I found that to be an excellent tool to trace what goes wrong on http/https level.

--jeroen

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top