Android Google Calendar Authorization Problem_问答_开发者

Android Google Calendar Authorization Problem

开发者 https://www.devze.com 2023-02-25 10:36 出处：网络

I\'m trying to make an app that accesses a user\'s Google Calendar using OAuth. I have the code in place that gets all of the proper tokens and they are saved into some preferences. I used the tutoria

I'm trying to make an app that accesses a user's Google Calendar using OAuth. I have the code in place that gets all of the proper tokens and they are saved into some preferences. I used the tutorial here to do this all, by the way. I have successfully changed the scope and request URL's so that I'm getting the ne开发者_如何学JAVAeded tokens. The problem comes when I actually try to USE the token. Instead of calendar info, I get back some HTML that says "Unknown authorization header Error 401". The request URL I am using is:

 https://www.google.com/calendar/feeds/default/allcalendars/full

and the scope is:

 http://www.google.com/calendar/feeds/

I have tried replacing 'default' with my email address (which is also the one that I used for the OAuth) to no avail. Am I using the wrong URL? if not, what else could cause this error? I have been looking for a few days now to find someone who has accessed the Calendar using OAuth, but everything I have found is people giving up because it's too difficult or doesn't work.

EDIT:

I believe my header is correct, here is an example of it:

 OAuth oauth_token="************-********-**********-****", 
 oauth_consumer_key="anonymous", 
 oauth_version="1.0", 
 oauth_signature_method="HMAC-SHA1", 
 oauth_timestamp="1303161387", 
 oauth_nonce="*******************", 
 oauth_signature="*******************"

That is pulled directly from my app, and from what I could find it looks right to me, but I'm still getting the error above (Unknown Authorization Header Error 401).

The Authorization header needs to be "Authorization: OAuth oauth_nonce="deadbeefdeadbeef" oauth_version="1.0" ....

See http://code.google.com/apis/accounts/docs/OAuth_ref.html#RequestToken. You can, supposedly, also but the authorization parameters in the querystring or in the body of a POST, but I have not attempted that.

As noted in the comments below, Google is now, at least with the Calendar feed, appending a 'gsessionid=' querystring and redirecting; and so a redirect handler must create a new nonce and timestamp, and make a new signature making sure to add the gsessionid to the base signature string in the correct lexicographical order (preceding any of the oauth_ variables).