Posted to dev@shindig.apache.org by Loic Dachary <lo...@dachary.org> on 2009/07/03 00:11:27 UTC

Bug or misunderstanding in OAuth with partuza.nl ?

Hi,

I've installed
http://opensocial-php-client.googlecode.com/files/opensocial-php-client-1.0.1.zip
and was able to use
http://pokersource.info/opensocial-php-client/examples/listFriends.php?test=partuza
successfully out of the box.

I tried to replace the consumer key and the consumer secret with the
ones that show at http://partuza.opensocial.dachary.org/profile/edit#oauth

as follows in the __init__.py file

$osapi = new osapi($provider,
osapiOAuth3Legged::performOAuthLogin('d2eaf3fb-d7f2-cecf-9ce5-cfebeeebffc7',
'a0542a03a2ce8c3cb2032e724b0ecf75', new
osapiFileStorage('/tmp/osapi'), $provider, $localUserId));

but got


Fatal error: Uncaught exception 'osapiException' with message 'Error
requesting oauth access token, code 401, message: <html><body><h1>401
- Unexpected token type (request) or unknown token</h1></body></html>'
in /var/www/opensocial-php-client/osapi/auth/osapiOAuth3Legged.php:118
Stack trace: #0
/var/www/opensocial-php-client/osapi/auth/osapiOAuth3Legged.php(83):
osapiOAuth3Legged->upgradeRequestToken('c0eec0f0-f8cc-c...',
'01784ca90bdec8e...') #1
/var/www/opensocial-php-client/examples/__init__.php(57):
osapiOAuth3Legged::performOAuthLogin('d2eaf3fb-d7f2-c...',
'a0542a03a2ce8c3...', Object(osapiFileStorage),
Object(osapiPartuzaProvider), 'c5abdb7ae4b8a71...') #2
/var/www/opensocial-php-client/examples/listFriends.php(18):
require_once('/var/www/openso...') #3 {main} thrown in
/var/www/opensocial-php-client/osapi/auth/osapiOAuth3Legged.php on
line 118

I then tried to install an application ( simple Hello World ), went to
the edit application page and tried the consumer key / secret I found
there.

$osapi = new osapi($provider,
osapiOAuth3Legged::performOAuthLogin('fadce8f8-e6da-cbf1-b6ee-ffdffcd3ecff',
'03b91c788ebb3146f05d1d5680adfab3', new osapiFileStorage('/tmp/osapi'),
$provider, $localUserId));

but got :


Fatal error: Uncaught exception 'osapiException' with message 'Error
requesting oauth access token, code 401, message: <html><body><h1>401
- Unexpected token type (request) or unknown token</h1></body></html>'
in /var/www/opensocial-php-client/osapi/auth/osapiOAuth3Legged.php:118
Stack trace: #0
/var/www/opensocial-php-client/osapi/auth/osapiOAuth3Legged.php(83):
osapiOAuth3Legged->upgradeRequestToken('c0eec0f0-f8cc-c...',
'01784ca90bdec8e...') #1
/var/www/opensocial-php-client/examples/__init__.php(60):
osapiOAuth3Legged::performOAuthLogin('fadce8f8-e6da-c...',
'03b91c788ebb314...', Object(osapiFileStorage),
Object(osapiPartuzaProvider), 'c5abdb7ae4b8a71...') #2
/var/www/opensocial-php-client/examples/listFriends.php(18):
require_once('/var/www/openso...') #3 {main} thrown in
/var/www/opensocial-php-client/osapi/auth/osapiOAuth3Legged.php on
line 118

again. I think I'm officially lost ;-)

Thanks in advance for any hint.


Re: Bug or misunderstanding in OAuth with partuza.nl ?

Posted by Chris Chabot <ch...@google.com>.
On Fri, Jul 3, 2009 at 12:13 PM, Loic Dachary <lo...@dachary.org> wrote:

>
> I would have understood "invalid consumer key" or "invalid consumer
> secret". But invalid signature eludes me because I don't see how it can go
> wrong if the consumer key and secret are good.
>

That is actually one of the huge downsides of OAuth, the error reporting is
completely untransparent.

The OAuth provider just receives a signature string (which is the hash
(based on the consumer and access key+secret) of the url). If one of those
consumer & access tokens or secrets doesn't match up between the two, all it
knows is that the hash isn't what it expected... so you get this general
'invalid signature' error.

In other words, just because you don't get an 'invalid key / secret' error,
that doesn't mean they really are ok :) So double checking those should
hopefully fix the situation.

   -- Chris
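
The point made in the reply above, as an added example that is not part of the original post or of the osapi/Partuza code: an OAuth 1.0 HMAC-SHA1 check (RFC 5849) in which a different consumer secret, a stale token secret and a different host in the URL all end in the same bare "no". The key, token, secrets and URLs are constructed placeholders, not the ones from the thread.

```python
import base64
import hashlib
import hmac
from urllib.parse import quote, urlsplit

def pct(value):
    # RFC 5849 section 3.6: everything except unreserved characters is escaped.
    return quote(value, safe="-._~")

def base_string(method, url, params):
    """Signature base string: METHOD & normalized URL & sorted parameters."""
    parts = urlsplit(url)
    host = parts.hostname
    if parts.port and (parts.scheme, parts.port) not in (("http", 80), ("https", 443)):
        host += ":%d" % parts.port
    base_url = "%s://%s%s" % (parts.scheme, host, parts.path or "/")
    pairs = sorted((pct(k), pct(v)) for k, v in params if k != "oauth_signature")
    normalized = "&".join("%s=%s" % kv for kv in pairs)
    return "&".join([method.upper(), pct(base_url), pct(normalized)])

def sign(method, url, params, consumer_secret, token_secret=""):
    # The HMAC key is both secrets joined by "&"; neither secret is transmitted.
    key = "%s&%s" % (pct(consumer_secret), pct(token_secret))
    mac = hmac.new(key.encode(), base_string(method, url, params).encode(), hashlib.sha1)
    return base64.b64encode(mac.digest()).decode()

def provider_accepts(method, url, params, consumer_secret, token_secret=""):
    """All the provider can do: recompute the signature and compare, yes or no."""
    sent = dict(params)["oauth_signature"]
    expected = sign(method, url, params, consumer_secret, token_secret)
    return hmac.compare_digest(sent, expected)

# Constructed sample request (placeholder values only).
URL = "http://provider.example/oauth/access_token"
PARAMS = [("oauth_consumer_key", "ck-demo"), ("oauth_token", "rt-demo"),
          ("oauth_nonce", "4f1c"), ("oauth_timestamp", "1246600000"),
          ("oauth_signature_method", "HMAC-SHA1"), ("oauth_version", "1.0")]

def outcomes():
    # The client signs with its own view of URL and secrets; the provider uses its own.
    signed = PARAMS + [("oauth_signature", sign("GET", URL, PARAMS, "cs-demo", "ts-demo"))]
    return {
        "matching inputs": provider_accepts("GET", URL, signed, "cs-demo", "ts-demo"),
        "other consumer secret": provider_accepts("GET", URL, signed, "cs-other", "ts-demo"),
        "stale token secret": provider_accepts("GET", URL, signed, "cs-demo", "ts-old"),
        "other host in URL": provider_accepts(
            "GET", "http://other.example/oauth/access_token", signed, "cs-demo", "ts-demo"),
    }

if __name__ == "__main__":
    for case, ok in outcomes().items():
        print("%-22s -> %s" % (case, "200" if ok else "401 Invalid signature"))
```
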

Re: Bug or misunderstanding in OAuth with partuza.nl ?

Posted by Loic Dachary <lo...@dachary.org>.
Chris Chabot wrote:
> What might be causing a conflict is that the caching of the OAuth keys is
> based on the user ID + site name, so perhaps doing a rm -rf /tmp/osapi could
> help when you're switching to different OAuth keys.
>

It did the trick : it works :-) Thanks !

Now I'm back to try to make it work on
http://partuza.opensocial.dachary.org/, much more confident because I
have a reference that works. I've modified

opensocial-php-client/examples/__init__.php with

$osapi = new osapi($provider,
osapiOAuth3Legged::performOAuthLogin('ffd4ccfa-d0f8-cfd0-a6c7-f4dae0fad2f5',
'fb272ccb5bf1f7e58bd3d517f1f4ff17', new osapiFileStorage('/tmp/osapi'),
$provider, $localUserId));

where the consumer key / secret is what shows under my account name at

http://partuza.opensocial.dachary.org/profile/edit#oauth

I also modified
opensocial-php-client/osapi/providers/osapiPartuzaProvider.php with

class osapiPartuzaProvider extends osapiProvider {
  public function __construct(osapiHttpProvider $httpProvider = null) {
    parent::__construct("http://partuza.opensocial.dachary.org/oauth/request_token",
      "http://partuza.opensocial.dachary.org/oauth/authorize",
      "http://partuza.opensocial.dachary.org/oauth/access_token",
      "http://shindig.opensocial.dachary.org/social/rest",
      "http://shindig.opensocial.dachary.org/social/rpc", "Partuza", true,
      $httpProvider);

I removed /tmp/ospi and when I go to

http://localhost/opensocial-php-client/examples/listFriends.php?test=partuza

it says:


( ! ) osapiException: Error requesting oauth request token, code 401,
message: 401 - Invalid signature
in /var/www/opensocial-php-client/osapi/auth/osapiOAuth3Legged.php on
line 172

Call Stack
#  Time    Memory   Function                                   Location
1  0.0006  67936    {main}( )                                  ../listFriends.php:0
2  0.0015  108196   require_once( '/var/www/opensocial-php-client/examples/__init__.php' )  ../listFriends.php:18
3  0.0498  1588892  osapiOAuth3Legged::performOAuthLogin( )    ../__init__.php:57
4  0.0501  1592276  osapiOAuth3Legged->obtainRequestToken( )   ../osapiOAuth3Legged.php:89


and the Apache logs on both shindig.opensocial.dachary.org and
partuza.opensocial.dachary.org only show one line:

87.98.128.80 - - [03/Jul/2009:12:09:00 +0200] "GET
/oauth/request_token?oauth_version=1.0&oauth_nonce=fae4023cdb03b65e41286b86ccd64a0b&oauth_timestamp=1246615717&oauth_consumer_key=ffd4ccfa-d0f8-cfd0-a6c7-f4dae0fad2f5&oauth_signature_method=HMAC-SHA1&oauth_signature=hXkhv6jxJRg1%2B42PaPxYpenkObE%3D
HTTP/1.1" 401 58 "-" "osapi 1.0"

I would have understood "invalid consumer key" or "invalid consumer
secret". But invalid signature eludes me because I don't see how it can
go wrong if the consumer key and secret are good.

For your information, the config.php file of partuza has all the defaults
from the 1.0 tarball and the following patch:

--- a/usr/src/partuza/html/config.php   Sun Jun 28 16:24:59 2009 +0200
+++ b/usr/src/partuza/html/config.php   Sun Jun 28 18:53:08 2009 +0200
@@ -32,10 +32,10 @@
 'container' => 'default',

 // gadget server url
-'gadget_server' => 'http://shindig',
+'gadget_server' => 'http://shindig.opensocial.dachary.org',

 // The url of this partuza instalation, including the (optional) web_prefix
-'partuza_url' => 'http://partuza/',
+'partuza_url' => 'http://partuza.opensocial.dachary.org/',

 // Max age of a security token, defaults to one hour
 'st_max_age' => 60 * 60,
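
Review bot: both new values, 'gadget_server' and 'partuza_url', are plain http:// URLs on public host names, so anything served under them, including the security token whose lifetime 'st_max_age' sets just below, travels unencrypted; use https:// here if the hosts can serve it. 'partuza_url' also keeps its trailing slash while 'gadget_server' has none, as in the defaults, so it is worth confirming that URLs built from these two values come out character for character the same as the ones the client is configured with, since a signature over a URL does not tolerate a differing host or a doubled slash.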

A hint would be most welcome.

Cheers


Re: Bug or misunderstanding in OAuth with partuza.nl ?

Posted by Chris Chabot <ch...@google.com>.
What might be causing a conflict is that the caching of the OAuth keys is
based on the user ID + site name, so perhaps doing a rm -rf /tmp/osapi could
help when you're switching to different OAuth keys.

On Fri, Jul 3, 2009 at 8:29 AM, Loic Dachary <lo...@dachary.org> wrote:

> Chris Chabot wrote:
> > Hey Loic,
> >
> > The OAuth token you find in the edit profile -> OAuth tab is the
> > one meant for 3 legged OAuth, and the one listed in the application
> > overview for 2 legged, so things were supposed to break in the
> > second attempt.
>
> Thanks for this clarification.
>
> > In the first situation though, as you noted it works with partuza
> > (which is exactly the same code as you're running locally), so it's
> > bound to be some configuration issue somewhere.
>
> Note that it does not work on partuza.nl with the key found in edit
> profile => OAuth.
> It only works on partuza.nl with the default key found in the
>
> http://opensocial-php-client.googlecode.com/files/opensocial-php-client-1.0.1.zip
> as installed at
>
> http://pokersource.info/opensocial-php-client/examples/listFriends.php?test=partuza
>
> If modifying the code of the example  below is supposed to work, could
> it be that something is misconfigured on partuza.nl ? Or am I even
> more confused than before ?
>
> In the following line I used the keys that show on
> http://www.partuza.nl/profile/edit#oauth for
> http://www.partuza.nl/profile/1622
>
> $osapi = new osapi($provider,
>
> osapiOAuth3Legged::performOAuthLogin('d2eaf3fb-d7f2-cecf-9ce5-cfebeeebffc7',
> 'a0542a03a2ce8c3cb2032e724b0ecf75', new
> osapiFileStorage('/tmp/osapi'), $provider, $localUserId));
>
> and I get the following :
>
>
> Fatal error: Uncaught exception 'osapiException' with message 'Error
> requesting oauth access token, code 401, message: <html><body><h1>401
> - Unexpected token type (request) or unknown token</h1></body></html>'
> in /var/www/opensocial-php-client/osapi/auth/osapiOAuth3Legged.php:118
> Stack trace: #0
> /var/www/opensocial-php-client/osapi/auth/osapiOAuth3Legged.php(83):
> osapiOAuth3Legged->upgradeRequestToken('c0eec0f0-f8cc-c...',
> '01784ca90bdec8e...') #1
> /var/www/opensocial-php-client/examples/__init__.php(58):
> osapiOAuth3Legged::performOAuthLogin('d2eaf3fb-d7f2-c...',
> 'a0542a03a2ce8c3...', Object(osapiFileStorage),
> Object(osapiPartuzaProvider), 'c5abdb7ae4b8a71...') #2
> /var/www/opensocial-php-client/examples/listFriends.php(18):
> require_once('/var/www/openso...') #3 {main} thrown in
> /var/www/opensocial-php-client/osapi/auth/osapiOAuth3Legged.php on
> line 118
>
> I'll try to make this work with a key other than the default against
> partuza.nl for now. Unless you suggest there is a better approach.
>
> Thanks
>
>

Re: Bug or misunderstanding in OAuth with partuza.nl ?

Posted by Loic Dachary <lo...@dachary.org>.
Chris Chabot wrote:
> Hey Loic,
>
> The OAuth token you find in the edit profile -> OAuth tab is the
> one meant for 3 legged OAuth, and the one listed in the application
> overview for 2 legged, so things were supposed to break in the
> second attempt.

Thanks for this clarification.

> In the first situation though, as you noted it works with partuza
> (which is exactly the same code as you're running locally), so it's
> bound to be some configuration issue somewhere.

Note that it does not work on partuza.nl with the key found in edit
profile => OAuth.
It only works on partuza.nl with the default key found in the
http://opensocial-php-client.googlecode.com/files/opensocial-php-client-1.0.1.zip
as installed at
http://pokersource.info/opensocial-php-client/examples/listFriends.php?test=partuza

If modifying the code of the example  below is supposed to work, could
it be that something is misconfigured on partuza.nl ? Or am I even
more confused than before ?

In the following line I used the keys that show on
http://www.partuza.nl/profile/edit#oauth for
http://www.partuza.nl/profile/1622

$osapi = new osapi($provider,
osapiOAuth3Legged::performOAuthLogin('d2eaf3fb-d7f2-cecf-9ce5-cfebeeebffc7',
'a0542a03a2ce8c3cb2032e724b0ecf75', new
osapiFileStorage('/tmp/osapi'), $provider, $localUserId));

and I get the following :


Fatal error: Uncaught exception 'osapiException' with message 'Error
requesting oauth access token, code 401, message: <html><body><h1>401
- Unexpected token type (request) or unknown token</h1></body></html>'
in /var/www/opensocial-php-client/osapi/auth/osapiOAuth3Legged.php:118
Stack trace: #0
/var/www/opensocial-php-client/osapi/auth/osapiOAuth3Legged.php(83):
osapiOAuth3Legged->upgradeRequestToken('c0eec0f0-f8cc-c...',
'01784ca90bdec8e...') #1
/var/www/opensocial-php-client/examples/__init__.php(58):
osapiOAuth3Legged::performOAuthLogin('d2eaf3fb-d7f2-c...',
'a0542a03a2ce8c3...', Object(osapiFileStorage),
Object(osapiPartuzaProvider), 'c5abdb7ae4b8a71...') #2
/var/www/opensocial-php-client/examples/listFriends.php(18):
require_once('/var/www/openso...') #3 {main} thrown in
/var/www/opensocial-php-client/osapi/auth/osapiOAuth3Legged.php on
line 118

I'll try to make this work with a key other than the default against
partuza.nl for now. Unless you suggest there is a better approach.

Thanks


Re: Bug or misunderstanding in OAuth with partuza.nl ?

Posted by Chris Chabot <ch...@google.com>.
Hey Loic,

The OAuth token you find in the edit profile -> OAuth tab is the one meant
for 3 legged OAuth, and the one listed in the application overview for 2
legged, so things were supposed to break in the second attempt.

In the first situation though, as you noted it works with partuza (which is
exactly the same code as you're running locally), so it's bound to be some
configuration issue somewhere.

My first guess would be that one or more of the OAuth URL's in the osapi
provider config is/are invalid, if it's not, could you please post the
source of the provider config you're using?

   -- Chris

On Fri, Jul 3, 2009 at 12:11 AM, Loic Dachary <lo...@dachary.org> wrote:

> Hi,
>
> I've installed
>
> http://opensocial-php-client.googlecode.com/files/opensocial-php-client-1.0.1.zip
> and was able to use
>
> http://pokersource.info/opensocial-php-client/examples/listFriends.php?test=partuza
> successfully out of the box.
>
> I tried to replace the consumer key and the consumer secret with the
> ones that show at http://partuza.opensocial.dachary.org/profile/edit#oauth
>
> as follows in the __init__.py file
>
> $osapi = new osapi($provider,
>
> osapiOAuth3Legged::performOAuthLogin('d2eaf3fb-d7f2-cecf-9ce5-cfebeeebffc7',
> 'a0542a03a2ce8c3cb2032e724b0ecf75', new
> osapiFileStorage('/tmp/osapi'), $provider, $localUserId));
>
> but got
>
>
> Fatal error: Uncaught exception 'osapiException' with message 'Error
> requesting oauth access token, code 401, message: <html><body><h1>401
> - Unexpected token type (request) or unknown token</h1></body></html>'
> in /var/www/opensocial-php-client/osapi/auth/osapiOAuth3Legged.php:118
> Stack trace: #0
> /var/www/opensocial-php-client/osapi/auth/osapiOAuth3Legged.php(83):
> osapiOAuth3Legged->upgradeRequestToken('c0eec0f0-f8cc-c...',
> '01784ca90bdec8e...') #1
> /var/www/opensocial-php-client/examples/__init__.php(57):
> osapiOAuth3Legged::performOAuthLogin('d2eaf3fb-d7f2-c...',
> 'a0542a03a2ce8c3...', Object(osapiFileStorage),
> Object(osapiPartuzaProvider), 'c5abdb7ae4b8a71...') #2
> /var/www/opensocial-php-client/examples/listFriends.php(18):
> require_once('/var/www/openso...') #3 {main} thrown in
> /var/www/opensocial-php-client/osapi/auth/osapiOAuth3Legged.php on
> line 118
>
> I then tried to install an application ( simple Hello World ), went to
> the edit application page and tried the consumer key / secret I found
> there.
>
> $osapi = new osapi($provider,
> osapiOAuth3Legged::performOAuthLogin('fadce8f8-e6da-cbf1-b6ee-ffdffcd3ecff',
> '03b91c788ebb3146f05d1d5680adfab3', new osapiFileStorage('/tmp/osapi'),
> $provider, $localUserId));
>
> but got :
>
>
> Fatal error: Uncaught exception 'osapiException' with message 'Error
> requesting oauth access token, code 401, message: <html><body><h1>401
> - Unexpected token type (request) or unknown token</h1></body></html>'
> in /var/www/opensocial-php-client/osapi/auth/osapiOAuth3Legged.php:118
> Stack trace: #0
> /var/www/opensocial-php-client/osapi/auth/osapiOAuth3Legged.php(83):
> osapiOAuth3Legged->upgradeRequestToken('c0eec0f0-f8cc-c...',
> '01784ca90bdec8e...') #1
> /var/www/opensocial-php-client/examples/__init__.php(60):
> osapiOAuth3Legged::performOAuthLogin('fadce8f8-e6da-c...',
> '03b91c788ebb314...', Object(osapiFileStorage),
> Object(osapiPartuzaProvider), 'c5abdb7ae4b8a71...') #2
> /var/www/opensocial-php-client/examples/listFriends.php(18):
> require_once('/var/www/openso...') #3 {main} thrown in
> /var/www/opensocial-php-client/osapi/auth/osapiOAuth3Legged.php on
> line 118
>
> again. I think I'm officially lost ;-)
>
> Thanks in advance for any hint.
>
>