Can't insert contacts With 2 Legged OAuth

[GoogleCodeExporter]

(I'm posting this at the request of Vic in the Google Apps APIs Team. 
Several of us in the forums are seeing this problem.)

I can read contacts using 2 Legged OAuth with no difficulty, but any time 
I try to insert, update, or delete contacts with 2 Legged OAuth, I get 401 
Unauthorized. This started failing sometime last summer - prior to that, 
our 2 Legged OAuth unit tests worked properly.

Steps to reproduce issue:
1. Start with the latest snapshot of the Google API. I'm using 1.4.2. (The 
problem also happens with the 1.4.0.2 stable release, but the repro code 
is longer.)
2. In "contactstest.cs", in the function ModelBatchContactsTest(), switch 
to the 2-Legged OAuth constructor for the RequestSettings object. For 
example:
rs = new RequestSettings
(this.ApplicationName, "mydomain.com", "NIy8YyjWtdMw;9smMxvl7", "myuser", "
mydomain.com");

I also encountered the Expect100 problem, so I added this code to the 
ContactsTestSuite constructor:

System.Net.ServicePointManager.Expect100Continue = false;

3. Run the test in NUnit.

Expected result:
Unit test succeeds;

Actual result:
Unit tests fails with 401 Unauthorized.

Since our code can read contacts using 2 Legged OAuth with no difficulty, 
I believe that this isn't caused by the typical problems, such as the 
wrong time on the server or a misbehaving firewall. If I look at the raw 
http POST data, all of the headers look correct.

Our code is running on end-users' computers at arbitrary IP addresses.

Other developers are reporting the same problem in the forums:
http://www.google.com/support/forum/p/apps-apis/thread?
tid=10fdc404655ed53d&hl=en

Original issue reported on code.google.com by j...@connectedsw.com on 12 Feb 2010 at 7:34

[GoogleCodeExporter]

That's not your actual Consumer Secret is it?  If so you might consider 
generating a
new one.

Original comment by benny.hauk on 15 Feb 2010 at 3:38

[GoogleCodeExporter]

Thanks for double checking, but the Consumer Secret in the sample code was 
randomized before I posted it.

Original comment by j...@connectedsw.com on 15 Feb 2010 at 6:06

[GoogleCodeExporter]

There is a workaround to this issue described in this forum post: 
http://www.google.com/support/forum/p/apps-apis/thread?
tid=6c1d54de69c213a9&hl=en

In the mean time please try it if that works for you!

Cheers!

Original comment by api.nico...@gtempaccount.com on 15 Mar 2010 at 11:33

[GoogleCodeExporter]

Fix checked into subverison include a unittest that does it

Original comment by fman...@gmail.com on 23 Mar 2010 at 6:02

• Changed state: Fixed

[GoogleCodeExporter]

I've tried the update and now it works sometimes, but there are still problems:

1. When I run ModelInsertWithOAuthContactsTest() with no changes other than 
updating 
RequestSettings, the second "page" of 25 contacts fails with (401) 
Unauthorized. 
Here is the output from NUnit. Note that the xoauth_requestor_id is missing.

Google.GData.Client.LiveTests.ContactsTestSuite.ModelInsertWithOAuthContactsTest
:
Google.GData.Client.GDataRequestException : Execution of request failed: 
http://www.google.com/m8/feeds/contacts/ihop@connectedsoftware.biz/full?start-
index=26&max-results=25
  ----> System.Net.WebException : The remote server returned an error: (401) 
Unauthorized.

2. If I modify DeleteAllContacts() to create the RequestSettings using 2-Legged 
OAuth instead of normal login (and set the PageSize to 100 to work around #1), 
then 
the call to cr.Batch() fails with (401) Unauthorized. I would propose including 
a 
unit test for Batch() and 2-Legged OAuth.

3. The code in contacttest.cs includes this sample line:
RequestSettings rs = new RequestSettings
(this.ApplicationName, "mantek.org", "1dsdsfsdfsf", "frank@mantek.org", 
"mantek.org")
;

I'm seeing that the fourth parameter should not include the domain name. It 
should 
just be "frank". If it includes the domain name, then the domain name shows up 
twice 
in the xoauth_requestor_id.

Two other issues I saw, unrelated to this bug:

A. The unit test does not contain code to fix the Expect100 problem. Therefore 
it 
won't run at all unless I add this line to the constructor for 
ContactsTestSuite:
System.Net.ServicePointManager.Expect100Continue = false;
Should I create a new bug, or why would the unit tests work without that line?

B. Minor nit - the call to cr.Batch() in DeleteAllContacts() specifies 
GDataBatchOperationType.insert. To prevent confusion, it should probably 
specify 
GDataBatchOperationType.delete.

Original comment by j...@connectedsw.com on 23 Mar 2010 at 8:00

[GoogleCodeExporter]

Ok, i know why the "next" stuff does not work (paging), and i will fix that. I 
will check why the batch code fails.

the except continue issue does not happen for me, hence i do not need a change 
for that.

Original comment by fman...@gmail.com on 23 Mar 2010 at 8:04

• Changed state: Started

[GoogleCodeExporter]

I've moved the Expect100 discussion over to Bug #264, where I've also provided 
http 
logging data.

Original comment by j...@connectedsw.com on 23 Mar 2010 at 8:40

[GoogleCodeExporter]

Ok, more changes. I dislike 2 legged oauth, consistently rewiring the URIs (the 
base problem here is that you get 
a feed and all the links inside the feed do NOT contain the requestor 
parameter) is tricky. The tests so far work. 
Moved the ModelInsterWithOAuthContactsTest into the oauth suite, modified the 
deleteallcontacts to be able to 
use 2 legged oauth and excercise it. 

Original comment by fman...@gmail.com on 24 Mar 2010 at 9:11

• Changed state: Fixed