search

google-code-export / gdata-python-client

Automatically exported from code.google.com/p/gdata-python-client
1 stars 0 forks source link

AppsService in Marketplace - SSL issues #416

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 
What steps will reproduce the problem?
Singe Marketplace may use 2Legged Oauth for accessing app domains users I 'm 
trying to make  AppsService retrieve a list of users from a standard apps 
domain.

When given the client user/password (gdata.apps.service.AppsService) it works 
pretty well. But because application will be installed I need to use OAUTH 
using Consumer / Secret Keys generated in market place.

I can user the same oauth  authentication for spreadsheet services, but I can't 
for appsservice. 
It returns "403L Insecure HTTP requests not permitted" which sounds that I need 
to force the SSL use.

Problem is that if I move to ssl I can't authenticate users with openid.

Python Code snippet of GAE application:
...
client = gdata.apps.service.AppsService(domain='example.com')
client.SetOAuthInputParameters(
signature_method=gdata.auth.OAuthSignatureMethod.HMAC_SHA1,
consumer_key=CONSUMER_KEY,
consumer_secret=CONSUMER_SECRET, 
rsa_key=None,
two_legged_oauth=True, 
requestor_id=users.get_current_user()
)
feed = client.RetrieveAllNicknames()
...

When changing to port=80 / ssl = False I 
    get Error 403 - Insecure HTTP requests not permitted

When changing to port=443 / ssl = True I
    get Error 401 -  Token invalid - AuthSub token has wrong scope

I've spent some hours on this issue but can't workaround it, and will really 
appreciate any help.

Update:
1) Consumer, and Secret keys were generated in MarketPlace
2) User administrator (me) have grant access to Provisioning API
What is the expected output? What do you see instead?

What version of the product are you using?
2.0.10

Original issue reported on code.google.com by mazoqui on 27 Jul 2010 at 2:00

GoogleCodeExporter commented 9 years ago 
It seems that scope can't be assigned.
GDClient derivated classes does not raise any problem.

Original comment by mazoqui on 27 Jul 2010 at 4:14

GoogleCodeExporter commented 9 years ago 
[deleted comment]
GoogleCodeExporter commented 9 years ago 
Try this patch. Should help :)

Original comment by Jan.Koprowski on 2 Feb 2012 at 9:39

Attachments:

GoogleCodeExporter commented 9 years ago 
After creating the client object, execute client.ssl = True. This will cause 
the gdata api use a secure connection.

Original comment by eduardo....@netbr.com.br on 27 Apr 2012 at 1:13

GoogleCodeExporter commented 9 years ago 
http://stackoverflow.com/questions/9118028/insecure-http-requests-not-permitted-
use-https-when-trying-to-retrieve-user

Original comment by eduardo....@netbr.com.br on 27 Apr 2012 at 1:14