问题
Google Reader API Seems expecting something different for authentication today!
About a week ago, I downloaded this, and everything is working and I try to port that to java. For my code, it is working perfectly (with the help on your examples) until today. I stack tracing everything and I found out that suddenly the google reader is not accepting only SID as the cookie. And of course, I test run your sample application as well and it is not working as well.
Then I went to tamper the data of the Google Reader, and I remove every cookie entries except the SID, and it is not working (well it gives 401, just like my application and your sample); I tested again and I found that it now needs another cookie entry called HSID, which, compare to SID (which is more than 100 word long) it is about 10-20 words. Any one know where can we get that additional HSID?
PS I can do the HTTPS for authentication and google is returning three tokens (SID, LSID, AUTH) to me. But nowhere I can guess what the HSID is.
回答1:
I did it. Yes, the link provided by sfa is right. But the format is sort of too confusing. Here's how I do it.
- Post to https://www.google.com/accounts/ClientLogin with login credentials.
- In return, three tokens will be passed if correct login: a. SID b. LSID c. Auth
- Save the Auth somewhere in application. Forget about SID and LSID (I guess they might remove them later on)
In every request, add following in the header: headername: Authorization value: GoogleLogin auth={Auth string} e.g. (in java)
HttpGet method = new HttpGet(CommandUrl + QueryString); method.addHeader("Authorization", "GoogleLogin auth=" + Auth);
This works. Thanks sfa for the link.
回答2:
You have to add the Authorization GoogleLogin auth=xxx to your header. Here is the quote from the message:
Here is a quick summary of how to make this change: For those apps that area already obtaining authentication from https://www.google.com/accounts/ClientLogin you should get back as part of your response an Auth= value. For every request you send to Reader you should provide that value as a HTTP header and things will work as usual. The header format is: Authorization:GoogleLogin auth=[value obtained from ClientLogin]
Conferm that it works! I got the same error and already solved the issue. See it here.
回答3:
See http://code.google.com/p/google-reader-api/wiki/Authentication for details, but briefly, only ClientLogin and OAuth are supported. Please do not continue to simulate the browser flow (with SID and HSID cookies), that is not supported and may break at any point.
回答4:
Or consider using the ReaderTemplate class offered here: http://github.com/wspringer/greader-java/. It basically hides the complexity of weaving in the appropriate headers and (re)authentication.
回答5:
when you first login use https://www.google.com/accounts/ServiceLoginAuth . you will get hsid!
i see all google reader api operation use hsid.
i use firebug can see hsid in setCookie field of response
回答6:
The 4 steps described by xandy are working, thanks.
This is my implementation of xandy's steps in .NET: http://sandrinodimattia.net/blog/post/Consuming-Google-(Reader)-with-NET-Part-1-Authentication.aspx
来源:https://stackoverflow.com/questions/3100078/google-reader-authentication-problem