We're speaking at
CFUnited 2008:
CFUnited - The Premiere ColdFusion Technical Conference

Search

Calendar

<< May 2008 >>
SunMonTueWedThuFriSat
    123
45678910
11121314151617
18192021222324
25262728293031

Subscribe Enter your email address to subscribe to this blog. You'll receive an email when we write a new post.

Recent Entries Come On In, Rails-The Water's Warm
Shan's Simple Examples: File uploads with Flex and ColdFusion

Recent Comments Google Calendar API - Creating a new Calendar with ColdFusion
Steve Julian said: When and where are you going to post the finished CFC's ? Thanks [more]

Three Phases of Programmer Development
Pat Branley said: I normally think of those phase 2 people as 'programmers' and the phase 3 people as 'developers'. I... [more]

New Job Title: Front End Engineer
Sean Corfield said: Well, there's always the excellent Fusion Authority Quarterly Journal... [more]

Down To The Wire: HTTP Sniffers
Brian M said: I second the mention of the Charles Web Debugging Proxy that Tariq mentioned. It is fantastic. It s... [more]

New Job Title: Front End Engineer
Patrick said: Heya Sean. Good point. I never understood how they did things over there at SysCon, and I understand... [more]

Archives By Subject Business of Software (4) [RSS]
ColdFusion (318) [RSS]
Conferences (6) [RSS]
Databases (87) [RSS]
Flex & Flash (109) [RSS]
Fusebox (87) [RSS]
General Development (29) [RSS]
Google (9) [RSS]
Hardware (5) [RSS]
JVM & Java (132) [RSS]
Linux (20) [RSS]
Miscellaneous (254) [RSS]
Performance (8) [RSS]
SeeFusion (36) [RSS]
Shan's Simple Examples (7) [RSS]
User Interface (3) [RSS]
Windows (5) [RSS]

Archives By Poster Daryl Banttari (10)
Nat Papovich (29)
Patrick Quinn (36)
Shannon Hicks (22)
Steve Nelson (21)
Tyson Vanek (3)


bottom corner

Google API: Using gSessionId with AuthSub Part 4

Posted At : January 30, 2008 5:46 AM | Posted By : Steve Nelson
Related Categories: Google

I swear this is a bug. It has to be a bug because it's so ridiculous. If it's not a bug, I hope someone can explain it.

After you finish part 1 and part 2 of logging in using Google's AuthSub. You'll find it's just not enough. Something really weird happens if you attempt to get a list of calendars.

You get an HTTP 302 error. An HTTP 302 error is a redirect error. In a nutshell it's as if they have a cflocation on the first line of their Application.cfc file (translate that into whatever language Google is using). If you automatically redirect on a page that you send a post request to, all the headers are lost. In other words, everything gets screwed up. So here's how to fix it...

Add this code to the GoogleAuthenticate.cfc file:

<cffunction name="getCalendarSessionId" >
   <cfargument name="token" type="string"/>
   <cfset var gsessionid="">
   <cfhttp url="http://www.google.com/calendar/feeds/default/owncalendars/full" method="post" redirect=false>
      <cfhttpparam type="header" name="Authorization" value="AuthSub token=#arguments.token#">
      <cfhttpparam type="header" name="Content-Type" value="application/atom+xml">
   </cfhttp>
   <cfif cfhttp.responseheader.status_code is "302">
      <cfset gsessionid = listlast(cfhttp.responseheader.location, "=")>
   </cfif>
   <cfreturn gsessionid/>
</cffunction>

Are you confused yet? The first question to ask is... What is the token argument? Is it the first token or the second token?

Use the second token. If you really want to understand why, ask and I'll explain.

So all we're doing here is attempting to get a list of calendars. The cfhttpparam header passing in the token tells Google which user's calendars to get. It's going to fail and that's ok, we're expecting it to.

It's going to return an http 302 error. That 302 error will give us a URL to redirect the user to. On the end of the URL is a gSessionId. That's what we want. Strip off the gSessionId and cfreturn it.

This is the last of the Authsub steps you need to do. From here on out every Google API cfhttp request will include an AuthSub token in the header and the url includes: ?gsessionid=#arguments.gsessionid# Here's an example:

<cfhttp url="http://www.google.com/calendar/feeds/default/owncalendars/full?gsessionid=#arguments.gsessionid#" method="post" redirect=false>
<cfhttpparam type="header" name="Authorization" value="AuthSub token=#arguments.token#">
...

These two things tell Google who's data to get. Again, I swear this gSessionId is a bug. In my opinion, there should be no reason you need BOTH an Authorization token AND a sessionId. They're programmatically redundant. But, tough luck, you need them both.

Tomorrow we'll switch gears and start looking at the Google Calendar API itself.

-Steve Nelson

Comments (0) | Send | del.icio.us | Linking Blogs
Comments

There are no comments for this entry.

Add Comment

bottom corner