Android的谷歌日历授权问题 [英] Android Google Calendar Authorization Problem
问题描述
我试图让一个应用程序,访问用户的谷歌日历使用OAuth。我有code到位,获取所有适当的标记,他们保存到一些preferences。我使用的教程这里做到这一点所有的,顺便说一句。我已经成功地改变了范围和要求的URL,这样我得到所需要的代币。问题来了,当我真正尝试使用令牌。而不是日历信息,我找回了一些HTML,上面写着未知的授权头错误401。我使用的请求URL是:
I'm trying to make an app that accesses a user's Google Calendar using OAuth. I have the code in place that gets all of the proper tokens and they are saved into some preferences. I used the tutorial here to do this all, by the way. I have successfully changed the scope and request URL's so that I'm getting the needed tokens. The problem comes when I actually try to USE the token. Instead of calendar info, I get back some HTML that says "Unknown authorization header Error 401". The request URL I am using is:
https://www.google.com/calendar/feeds/default/allcalendars/full
和范围是:
http://www.google.com/calendar/feeds/
我试图取代'默认'与我的电子邮件地址(这也是我用于OAuth的一个)无济于事。我使用了错误的网址是什么?如果没有,还有什么可能导致这个错误?我一直在寻找了几天,现在找到谁已经访问使用OAuth的日历的人,但一切我发现被人放弃,因为它太困难或不能正常工作。
I have tried replacing 'default' with my email address (which is also the one that I used for the OAuth) to no avail. Am I using the wrong URL? if not, what else could cause this error? I have been looking for a few days now to find someone who has accessed the Calendar using OAuth, but everything I have found is people giving up because it's too difficult or doesn't work.
编辑:
我相信我的标题是正确的,这里是它的一个例子:
I believe my header is correct, here is an example of it:
OAuth oauth_token="************-********-**********-****",
oauth_consumer_key="anonymous",
oauth_version="1.0",
oauth_signature_method="HMAC-SHA1",
oauth_timestamp="1303161387",
oauth_nonce="*******************",
oauth_signature="*******************"
这是直接从我的应用程序拉,从我能找到它看起来我的权利,但我仍然得到上述错误(未知的认证头401错误)。
That is pulled directly from my app, and from what I could find it looks right to me, but I'm still getting the error above (Unknown Authorization Header Error 401).
推荐答案
在Authorization头需要授权:OAuth的oauth_nonce =deadbeefdeadbeefoauth_version =1.0......
The Authorization header needs to be "Authorization: OAuth oauth_nonce="deadbeefdeadbeef" oauth_version="1.0" ....
请参阅 HTTP://$c$c.google .COM /原料药/帐号/文档/ OAuth_ref.html#RequestToken 。你可以,按说,也不过在查询字符串或在POST身体的授权参数,但我还没有尝试的。
正如在下面的评论指出,谷歌现在,至少在日历进料,附加一个gsessionid ='查询字符串和调整;所以重定向处理必须创建一个新的随机数和时间戳,并作出新的签名,确保到gsessionid添加到基签名字符串中正确的字典顺序(preceding任何oauth_变量)。
See http://code.google.com/apis/accounts/docs/OAuth_ref.html#RequestToken. You can, supposedly, also but the authorization parameters in the querystring or in the body of a POST, but I have not attempted that.
As noted in the comments below, Google is now, at least with the Calendar feed, appending a 'gsessionid=' querystring and redirecting; and so a redirect handler must create a new nonce and timestamp, and make a new signature making sure to add the gsessionid to the base signature string in the correct lexicographical order (preceding any of the oauth_ variables).
这篇关于Android的谷歌日历授权问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!