We're speaking at
CFUnited 2008:

CFUnited - The Premiere ColdFusion Technical Conference

Calendar

<< May 2008 >>

Sun	Mon	Tue	Wed	Thu	Fri	Sat
				1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30	31

Recent Entries Come On In, Rails-The Water's Warm
Shan's Simple Examples: File uploads with Flex and ColdFusion

Recent Comments Google Calendar API - Creating a new Calendar with ColdFusion
Steve Julian said: When and where are you going to post the finished CFC's ? Thanks [more]

Three Phases of Programmer Development
Pat Branley said: I normally think of those phase 2 people as 'programmers' and the phase 3 people as 'developers'. I... [more]

New Job Title: Front End Engineer
Sean Corfield said: Well, there's always the excellent Fusion Authority Quarterly Journal... [more]

Down To The Wire: HTTP Sniffers
Brian M said: I second the mention of the Charles Web Debugging Proxy that Tariq mentioned. It is fantastic. It s... [more]

New Job Title: Front End Engineer
Patrick said: Heya Sean. Good point. I never understood how they did things over there at SysCon, and I understand... [more]

Archives By Subject Business of Software (4) [RSS]
ColdFusion (318) [RSS]
Conferences (6) [RSS]
Databases (87) [RSS]
Flex & Flash (109) [RSS]
Fusebox (87) [RSS]
General Development (29) [RSS]
Google (9) [RSS]
Hardware (5) [RSS]
JVM & Java (132) [RSS]
Linux (20) [RSS]
Miscellaneous (254) [RSS]
Performance (8) [RSS]
SeeFusion (36) [RSS]
Shan's Simple Examples (7) [RSS]
User Interface (3) [RSS]
Windows (5) [RSS]

Archives By Poster Daryl Banttari (10)
Nat Papovich (29)
Patrick Quinn (36)
Shannon Hicks (22)
Steve Nelson (21)
Tyson Vanek (3)

Google API: Logging in with AuthSub Part 3

Posted At : January 28, 2008 8:43 PM | Posted By : Steve Nelson
Related Categories: Google

Remember that "next" variable that we passed to google in my previous post? That's the URL that google will send our users to after they go through the approval process on Google.com. They have to do two things, first login to Google.com, then either grant or deny your request to access their google data. If they grant you access it will redirect them back to the next URL. But just so you know, if they deny your request, it will STILL give them the "next" link to click on, but it will not pass a token back to your page. That may throw an error if you're expecting it.

Once we have that token, we need to make a request for a SubSessionToken. Yes, we need ANOTHER token just so you'll be confused. Here's the code for the SubSessionToken. Let's discuss that first before we tie it all together.


<cffunction name="AuthSubSessionToken" returnType="string" >
   <cfargument name="token"/>
   <cfhttp url="https://www.google.com/accounts/AuthSubSessionToken" method="GET">
      <cfhttpparam type="HEADER" name="Authorization" value="AuthSub token=#arguments.token#">
   </cfhttp>
   <cfif cfhttp.responseheader.status_code is "403">
      <cfdump var="#cfhttp#">
      <cfthrow detail="Token revoked! Either you passed in an incorrect token or the user manually revoked it.">
   <cfelse>
      <cfreturn trim(listlast(cfhttp.filecontent,"="))>
   </cfif>
</cffunction>

The first thing to pay attention to is the cfargument passed in. This gets confusing very quickly. But you'll grasp it. This token argument is the FIRST token passed back from our Previous token request. This will make sense in a minute when I tie this all together.

The next thing to notice is the cfhttpparam line. You're probably used to type formfield and url. Maybe even cookie. I'm not surprised if you've never used type="header" before. Don't worry about it, few people do. I'm not exactly sure why Google does, it's possibly a performance thing. Who knows? Anyway, the syntax above works.

The final section is the responseheader.status_code. A value of 403 means the token was revoked and you have to go through the first steps again. Your users can revoke your token from Google.com (click on "my account" then "authorized websites") Or your token will be revoked if you screw up the request. Anyway, if it's not a 403 we want to parse out the SubSessionToken out of the filecontent and return that value. A simple listlast will do the trick.

Let's tie this all together. For simplicity sake, we'll call this file1.cfm, file2.cfm and GoogleAuthenticate.cfc


<cfinvoke component="GoogleAuthenticate" method="AuthSubRequest">
   <cfinvokeargument name="next" value="http://#cgi.http_host#/file2.cfm">
   <cfinvokeargument name="scope" value="http://www.google.com/calendar/feeds">
   <cfinvokeargument name="secure" value="0">
   <cfinvokeargument name="session" value="1">
</cfinvoke>

Notice the next variable is pointing to file2.cfm (below)


<cfinvoke component="GoogleAuthenticate" method="AuthSubSessionToken" returnvariable="SubSessionToken">
<cfinvokeargument name="token" value="#url.token#">
</cfinvoke>
<cfoutput>#SubSessionToken#</cfoutput>

There you go. That's not so hard is it? Play around with it and see if you can get it to work. We now have completed getting the two necessary tokens. Tune in tomorrow to learn about the undocumented (but vitally necessary) gSessionid! Same bat place!

After i cover the gSessionId, I'll explain putting this into use with the calendar then the spreadsheet. That's when it gets fun.

-Steve Nelson

Comments (0) | Send | del.icio.us | Linking Blogs

Related Blog Entries

Google Calendar XML: Deciphering the Data (February 7, 2008)
Google Calendar API: Using ColdFusion to get a list of Calendars (February 1, 2008)
Google API: Using gSessionId with AuthSub Part 4 (January 30, 2008)
Google API: Logging in with AuthSub Part 2 (January 25, 2008)
Google API: The cool way to Login Part 1 (January 24, 2008)

Comments

There are no comments for this entry.

Add Comment