2-legged OAuth and the Gmail atom feed

此生再无相见时 提交于 2019-12-05 05:29:17

问题


We're trying to get 2-legged OAuth to work with the Gmail atom feed. We're using the Java library contributed by John Kristian, Praveen Alavilli and Dirk Balfanz. [http://oauth.net/code/] instead of the GData library.

We know we have the correct CONSUMER_KEY and CONSUMER_SECRET, etc. becuase it works with the Contacts feed (http://www.google.com/m8/feeds/contacts/default/full) and have no problems. However with Gmail atom feed it always returns: HTTP/1.1 401 Unauthorized

Any ideas? Should we try a different OAuth framework or does the problem lie on the Google side?


回答1:


We think we got it working with the OAuth libraries but not with the GData library.

Snippet of code is:

import static net.oauth.OAuth.HMAC_SHA1;                                                       
import static net.oauth.OAuth.OAUTH_SIGNATURE_METHOD;                                          

import java.net.URL;
import java.util.List;
import java.util.Map; 

import net.oauth.OAuthAccessor;
import net.oauth.OAuthConsumer;
import net.oauth.OAuthMessage; 
import net.oauth.ParameterStyle;
import net.oauth.SimpleOAuthValidator;
import net.oauth.client.OAuthClient;  
import net.oauth.client.httpclient4.HttpClient4;


/**
 * Sample application demonstrating how to do 2-Legged OAuth in the Google Data
 * Java Client.  See the comments below to learn about the details.            
 *                                                                             
 */                                                                            
public class GmailAtomFeed2LeggedOauth {                                       

    public static String CONSUMER_KEY = "test-1001.com";
    public static String CONSUMER_SECRET = "zN0ttehR3@lSecr3+";
    public static String SCOPE = "https://mail.google.com/mail/feed/atom";
    public static String RESOURCE_URL = "https://mail.google.com/mail/feed/atom";
    public static String SERVICE_NAME = "mail";                                  
    public static String username = "username";                                  
    public static boolean debug = true;                                          

    public static void main(String[] args) throws Exception {

        // This should be passed in as a parameter
        String user = username + "@" + CONSUMER_KEY;

        OAuthConsumer consumer = new OAuthConsumer(null, CONSUMER_KEY, CONSUMER_SECRET, null);
        OAuthAccessor accessor = new OAuthAccessor(consumer);                                 

        // HMAC uses the access token secret as a factor,
        // and it's a little less compute-intensive than RSA.
        accessor.consumer.setProperty(OAUTH_SIGNATURE_METHOD, HMAC_SHA1);

        // Gmail only supports an atom feed
        URL atomFeedUrl = new URL(SCOPE +"?xoauth_requestor_id=" + user);

        System.out.println("=====================================================");
        System.out.println("Building new request message...");

        OAuthMessage request = accessor.newRequestMessage(OAuthMessage.GET, atomFeedUrl.toString(),null);

        if (debug) {
            List<Map.Entry<String, String>> params = request.getParameters();
            for (Map.Entry<String, String> p : params) {
                System.out.println("'" + p.getKey() + "' =  <" + p.getValue() + ">");
            }
            System.out.println("Validating message...");
            SimpleOAuthValidator validator=new SimpleOAuthValidator();
            validator.validateMessage(request,accessor);
        }

        OAuthClient client = new OAuthClient(new HttpClient4());

        System.out.println("Client invoking request message...");
        System.out.println(" request: " + request);
        OAuthMessage message = client.invoke(request, ParameterStyle.AUTHORIZATION_HEADER);

        System.out.println("=====================================================");
        System.out.println(" message: " + message.readBodyAsString());
        System.out.println("=====================================================");
    }
}



回答2:


Put the OAuth data in the Authorization header, not on the URI.



来源:https://stackoverflow.com/questions/2714296/2-legged-oauth-and-the-gmail-atom-feed

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!