17.4.7. OAuth QA
MySpace Tools
In order to use the MySpace OAuth Testing Tool :
-
Need to have registered myspace account.
-
Need to apply to build apps on the MySpace Developer Platform.
Google Tools
Google's OAuth playground tool can be tried here .
Register your domain in Google
In order to use the tool, you need to register the web application as domain:
-
Login at your gmail account
-
Go to https://www.google.com/accounts/ManageDomains
-
Enter in the field for ex. the QA server ec2-67-202-42-146.compute-1.amazonaws.com and click the "Add Domain" button.
Note: for now registered domains cannot be deleted (not supported from the Google UI)
-
As result the domain will be created and the manage domain page will be opened. Here you need to verify you have admin privileges by choosing verification method
-
Choose "Upload an HTML file" and follow further the instructions.
-
Once the file is put in the correct server root, you should get the confirmation page:
Figure 17.43. Google OAuth
-
Click the "Agree .." buttons.
-
As result will be additional setting page you need to change. Type in for "Target URL path prefix:": http://ec2-67-202-42-146.compute-1.amazonaws.com/ods
Figure 17.44. Google OAuth
-
Click the "Save" button.
-
As result will be shown the generated OAuth Consumer Secret for the OAuth Consumer Key: ec2-67-202-42-146.compute-1.amazonaws.com:
OAuth Consumer Key: ec2-67-202-42-146.compute-1.amazonaws.com OAuth Consumer Secret: uEkfBvpMhTTT/VyFItEnEYt4
-
Also will be shown "test" link "Test your AuthSub registration here". Click it.
-
As result will be opened new window with OAuth request
-
Click the "Grant Access" button.
Figure 17.45. Google OAuth
-
As result will be redirected to http://ec2-67-202-42-146.compute-1.amazonaws.com/ods/
-
Now lets return to our initial window and click there the button "Save".
-
Note that already is shown for the domain that is "Active":
Figure 17.46. Google OAuth
The Playground Tool qa steps
Let's try the playground tool:
-
Go to http://googlecodesamples.com/oauth_playground/
-
Select Scope, for ex. check the check-box for "Blogger".
-
Change oauth signature_method to HMAC-SHA1
-
Enter for "oauth consumer_key": ec2-67-202-42-146.compute-1.amazonaws.com
-
Enter for "consumer secret" the value generated from above.
-
Click the "Request token" button.
-
As result will get Response with Status Ok
Figure 17.47. Google OAuth
-
the Signature base string:
GET&https%3A%2F%2Fwww.google.com%2Faccounts%2FOAuthGetRequestToken&oauth_consumer_key %3Dec2-67-202-42-146.compute-.amazonaws.com%26oauth_nonce%3D60f50c8800b2f52807732ca1ae3855ef %26oauth_signature_method%3DHMACSHA1%26oauth_timestamp%3D1224191856%26oauth_version%3D1.0 %26scope%3Dhttp%253A%252F%252Fwww.blogger.com%252Ffeeds%252F
-
the Authorization header:
Authorization: OAuth oauth_version="1.0", oauth_nonce="60f50c8800b2f52807732ca1ae3855ef", oauth_timestamp="1224191856", oauth_consumer_key="ec2-67-202-42-146.compute-1.amazonaws.com", oauth_signature_method="HMAC-SHA1", oauth_signature="nohPMCw%2BMrO8%2FwslS4oEm2wfuhg%3D"
-
the Response body:
HTTP/1.1 200 OK Content-Type: text/plain; charset=UTF-8 Date: Thu, 16 Oct 2008 21:17:37 GMT X-Content-Type-Options: nosniff Expires: Thu, 16 Oct 2008 21:17:37 GMT Cache-Control: private, max-age=0 Content-Length: 76 Server: GFE/1.3 oauth_token=COW3iN_7HxCXqfuzAQ&oauth_token_secret=ulsD7N5SuY16qC%2FvY2Sdk3AS
-
-
And also in the "Get the Token" section now will be active the "Authorize" button. Click it.
Figure 17.48. Google OAuth
-
As result will be shown the authentication page where you need to click the "Grant Access" button:
Figure 17.49. Google OAuth
-
As result now in the "Get the Token" section will be active the "Access token" button. Click it.
Figure 17.50. Google OAuth
-
As result the access_token will be obtained:
Figure 17.51. Google OAuth
-
Click the "available feeds" button marked as 6.
-
As result in the "Response" body section will be shown:
Blogger http://www.blogger.com/feeds/default/blogs http://www.blogger.com/feeds/<blogID>/posts/default http://www.blogger.com/feeds/<blogID>/[<postID>]/comments/default
-
Copy the 1st URL and paste in the field after the method GET.
-
Click "execute".
-
As result will find your blogs, post, info at Blogger:
Figure 17.52. Google OAuth