Google API 2 legged Oauth : “Token invalid - Invalid AuthSub token.”

StackOverflow https://stackoverflow.com/questions/7598301

  •  05-02-2021
  •  | 
  •  

Pergunta

I've based my code on http://gdatatips.blogspot.com/2008/11/2-legged-oauth-in-php.html.

Here's my code, I want to work with the Google Doc (Document List) API :

        $endpoint = 'https://www.google.com/accounts/OAuthGetRequestToken';
        $consumer = new OAuthConsumer(GOOGLE_API_DOCLIST_CONSUMER_KEY, GOOGLE_API_DOCLIST_CONSUMER_SECRET, NULL);

        $arrParams = array(
                    'scope' => 'https://docs.google.com/feeds/'
                    ,'xoauth_requestor_id' => GOOGLE_API_DOCLIST_USER_EMAIL
                    );
        $req = OAuthRequest::from_consumer_and_token($consumer, NULL, "GET", $endpoint, $arrParams);
        $req->sign_request(new OAuthSignatureMethod_HMAC_SHA1(), $consumer, null);


        $curl = new Auth_Curl();
        $content = $curl->request($req->to_url());


        $docAPI = new GoogleAPI_DocumentList(new Auth_Curl(), $req->to_header());

        var_dump($req->to_header());
        echo '<br />-- Getting Collections list';

        $url = 'https://docs.google.com/feeds/default/private/full/-/folder' . '?xoauth_requestor_id=' . GOOGLE_API_DOCLIST_USER_EMAIL;
        $raw = $docAPI->getCollectionList($url);
        var_dump($raw);
        die();

I constantly get:

Token invalid - Invalid AuthSub token.

What am I doing wrong ?

Edit: Here's some "hints":

  • They seem to mix the API endpoint and the base feed. I've put the OAuthGetRequestToken for the endpoint. It seem to generate a valid response.
  • I've kept it, but I'm not sure that the xoauth_requestor_id is required.
  • The documentation tells us to use space to separate the parameters in the Authorization header. the library use comma.
Foi útil?

Solução

Here's the corrected code:

    $endpoint = 'https://docs.google.com/feeds/default/private/full/-/folder';
    $consumer = new OAuthConsumer(GOOGLE_API_DOCLIST_CONSUMER_KEY, GOOGLE_API_DOCLIST_CONSUMER_SECRET, NULL);

    $arrParams = array(
                'xoauth_requestor_id' => GOOGLE_API_DOCLIST_USER_EMAIL
                );
    $req = OAuthRequest::from_consumer_and_token($consumer, NULL, "GET", $endpoint, $arrParams);
    $req->sign_request(new OAuthSignatureMethod_HMAC_SHA1(), $consumer, null);

    $docAPI = new GoogleAPI_DocumentList(new Auth_Curl(), $req->to_header());

    var_dump($req->to_header());
    echo '<br />-- Getting Collections list';

    $url = 'https://docs.google.com/feeds/default/private/full/-/folder' . '?xoauth_requestor_id=' . GOOGLE_API_DOCLIST_USER_EMAIL;
    $raw = $docAPI->getCollectionList($url);
    var_dump($raw);
    die();
  • The API and EndPoint were not mixed. On OAuth v1.0, you don't ask the server to generate a token to be used in the authorization header, the authorization header is generated 100% locally. ( I think the URL is used at some point to render the authorization header )
  • As you don't generate an access_token, you don't need to define a scope.
  • Make sure you have a business account
    • Only business account allow you to activate 2 legged Authentication.
Licenciado em: CC-BY-SA com atribuição
Não afiliado a StackOverflow
scroll top