opensocial-php-client - issue #55

Google (3 legged) is broken because of Invalid AuthSub signature


Posted on Sep 10, 2009 by Quick Giraffe

What steps will reproduce the problem?

  1. Run example script /osapi/examples/listFriends.php?test=google3legged
  2. User is redirected to Google universal login:

https://www.google.com/a/UniversalLogin?continue=https%3A%2F%2Fwww.google.com%2Faccounts%2FOAuthAuthorizeToken%3Foauth_token%3D4%2F99nXWnagMtXMFs4YyAbXF_kqYfNn%26oauth_callback%3Dhttp%253A%252F%252Fdev.dex.co.il%252Fosapi%252Fexamples%252FlistFriends.php%253Ftest%253Dgoogle3legged%2526oauth_continue%253D1%2526token%253D4%252F99nXWnagMtXMFs4YyAbXF_kqYfNn%2526key%253DsM2Yty3eLSxpj%2BGywUL0Qv1P%26hd%3Ddefault&continue2=https%3A%2F%2Fwww.google.com%2Fa%2F%7B%7Bdomain%7D%7D%2FOAuthAuthorizeToken%3Foauth_token%3D4%2F99nXWnagMtXMFs4YyAbXF_kqYfNn%26oauth_callback%3Dhttp%253A%252F%252Fdev.dex.co.il%252Fosapi%252Fexamples%252FlistFriends.php%253Ftest%253Dgoogle3legged%2526oauth_continue%253D1%2526token%253D4%252F99nXWnagMtXMFs4YyAbXF_kqYfNn%2526key%253DsM2Yty3eLSxpj%2BGywUL0Qv1P&spl=true&btmpl=authsub

  3. User is redirected back to application:

/osapi/examples/listFriends.php?test=google3legged&oauth_continue=1&token=4%2F99nXWnagMtXMFs4YyAbXF_kqYfNn&key=sM2Yty3eLSxpj+GywUL0Qv1P&oauth_token=4%2F99nXWnagMtXMFs4YyAbXF_kqYfNn

  4. PHP error:

Fatal error: Uncaught exception 'osapiException' with message 'Error requesting oauth access token, code 400, message: signature_invalid base_string:GET&https%3A%2F%2Fwww.google.com%2Faccounts%2FOAuthGetAccessToken&oauth_consumer_key%3Danonymous%26oauth_nonce%3Dce5d7c877689466772d01e08a3bb964b%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1252589771%26oauth_token%3D4%252F99nXWnagMtXMFs4YyAbXF_kqYfNn%26oauth_version%3D1.0
' in C:\dev\dex_v2\src\osapi\auth\osapiOAuth3Legged.php:115
Stack trace:
#0 C:\dev\dex_v2\src\osapi\auth\osapiOAuth3Legged.php(81): osapiOAuth3Legged->upgradeRequestToken('4/99nXWnagMtXMF...', 'sM2Yty3eLSxpj G...')
#1 C:\dev\dex_v2\src\examples__init__.php(115): osapiOAuth3Legged::performOAuthLogin('anonymous', 'anonymous', Object(osapiFileStorage), Object(osapiGoogleProvider), 'kogg6dvrhv2vuuf...')
#2 C:\dev\dex_v2\src\examples\listFriends.php(18): require_once('C:\dev\dex_v2\s...')
#3 {main}
  thrown in C:\dev\dex_v2\src\osapi\auth\osapiOAuth3Legged.php on line 115

All other providers work. I have also tried with an "OAuth for Web Applications" key and secret and got the same error.

I'm using revision 192.

I have noticed that in the OAuthGetAccessToken request the oauth_verifier parameter does not exist as suggested by Google's documentation: http://code.google.com/apis/accounts/docs/OAuth_ref.html#AccessToken

Status: New

Labels:
Type-Defect Priority-Medium
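
Added example (not part of the original report and not code from opensocial-php-client): it rebuilds the OAuth 1.0 signature base string from the error message, confirms that it carries no `oauth_verifier`, and shows that the `key` value from the callback URL is form-decoded with its `+` turned into a space, which matches the truncated `'sM2Yty3eLSxpj G...'` argument in the stack trace. It assumes that `key` is the request-token secret used in the HMAC-SHA1 key and that the value containing `+` is the secret as issued; the helper names and the `/cb` path are hypothetical.

```python
import base64, hashlib, hmac
from urllib.parse import parse_qs, quote, urlsplit

# Values copied from the report above (HTML entities decoded).
CALLBACK = ("/osapi/examples/listFriends.php?test=google3legged&oauth_continue=1"
            "&token=4%2F99nXWnagMtXMFs4YyAbXF_kqYfNn&key=sM2Yty3eLSxpj+GywUL0Qv1P"
            "&oauth_token=4%2F99nXWnagMtXMFs4YyAbXF_kqYfNn")
REPORTED_BASE = (
    "GET&https%3A%2F%2Fwww.google.com%2Faccounts%2FOAuthGetAccessToken&"
    "oauth_consumer_key%3Danonymous%26oauth_nonce%3Dce5d7c877689466772d01e08a3bb964b"
    "%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1252589771"
    "%26oauth_token%3D4%252F99nXWnagMtXMFs4YyAbXF_kqYfNn%26oauth_version%3D1.0")
TOKEN_URL = "https://www.google.com/accounts/OAuthGetAccessToken"
SECRET_AS_ISSUED = "sM2Yty3eLSxpj+GywUL0Qv1P"  # assumption: `key` as it appears in the URLs

def enc(s):
    """OAuth 1.0 percent-encoding: only unreserved characters stay literal."""
    return quote(s, safe="-._~")

def base_string(method, url, params):
    """Signature base string: METHOD & encoded URL & encoded sorted parameters."""
    pairs = sorted((enc(k), enc(v)) for k, v in params.items())
    return "&".join([method.upper(), enc(url), enc("&".join(f"{k}={v}" for k, v in pairs))])

def sign(base, consumer_secret, token_secret):
    """HMAC-SHA1 keyed with 'consumer_secret&token_secret', both percent-encoded."""
    key = f"{enc(consumer_secret)}&{enc(token_secret)}".encode()
    return base64.b64encode(hmac.new(key, base.encode(), hashlib.sha1).digest()).decode()

def callback_params(url):
    """Form-decode a callback query string ('+' becomes a space, as in PHP's $_GET)."""
    return {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}

def request_params(token):
    """The OAuth parameters listed in the reported base string."""
    return {"oauth_consumer_key": "anonymous", "oauth_nonce": "ce5d7c877689466772d01e08a3bb964b",
            "oauth_signature_method": "HMAC-SHA1", "oauth_timestamp": "1252589771",
            "oauth_token": token, "oauth_version": "1.0"}

if __name__ == "__main__":
    got = callback_params(CALLBACK)
    base = base_string("GET", TOKEN_URL, request_params(got["token"]))
    print("base string matches the report:", base == REPORTED_BASE)
    print("secret after decoding:", repr(got["key"]))
    print("signature, decoded secret:  ", sign(base, "anonymous", got["key"]))
    print("signature, secret as issued:", sign(base, "anonymous", SECRET_AS_ISSUED))
    # Percent-encoding the secret before it goes into the callback URL round-trips it.
    safe_cb = "/cb?key=" + enc(SECRET_AS_ISSUED)  # hypothetical callback path
    print("round-trips when encoded:", callback_params(safe_cb)["key"] == SECRET_AS_ISSUED)
```

The two signatures differ because the HMAC key differs by one character, so a secret that loses its `+` in transit produces `signature_invalid` even when the base string is built correctly.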