Google API: Logging in with AuthSub Part 3
Remember that “next” variable that we passed to google in my previous post? That’s the URL that google will send our users to after they go through the approval process on Google.com. They have to do two things, first login to Google.com, then either grant or deny your request to access their google data. If they grant you access it will redirect them back to the next URL. But just so you know, if they deny your request, it will STILL give them the “next” link to click on, but it will not pass a token back to your page. That may throw an error if you’re expecting it.
Once we have that token, we need to make a request for a SubSessionToken. Yes, we need ANOTHER token just so you’ll be confused. Here’s the code for the SubSessionToken. Let’s discuss that first before we tie it all together.
<cffunction name="AuthSubSessionToken" returnType="string" >
<cfargument name="token"/>
<cfhttp url="https://www.google.com/accounts/AuthSubSessionToken" method="GET">
<cfhttpparam type="HEADER" name="Authorization" value="AuthSub token=#arguments.token#">
</cfhttp>
<cfif cfhttp.responseheader.status_code is "403">
<cfdump var="#cfhttp#">
<cfthrow detail="Token revoked! Either you passed in an incorrect token or the user manually revoked it.">
<cfelse>
<cfreturn trim(listlast(cfhttp.filecontent,"="))>
</cfif>
</cffunction>
The first thing to pay attention to is the cfargument passed in. This gets confusing very quickly. But you’ll grasp it. This token argument is the FIRST token passed back from our Previous token request. This will make sense in a minute when I tie this all together.
The next thing to notice is the cfhttpparam line. You’re probably used to type formfield and url. Maybe even cookie. I’m not surprised if you’ve never used type=”header” before. Don’t worry about it, few people do. I’m not exactly sure why Google does, it’s possibly a performance thing. Who knows? Anyway, the syntax above works.
The final section is the responseheader.status_code. A value of 403 means the token was revoked and you have to go through the first steps again. Your users can revoke your token from Google.com (click on “my account” then “authorized websites”) Or your token will be revoked if you screw up the request. Anyway, if it’s not a 403 we want to parse out the SubSessionToken out of the filecontent and return that value. A simple listlast will do the trick.
Let’s tie this all together. For simplicity sake, we’ll call this file1.cfm, file2.cfm and GoogleAuthenticate.cfc
<cfinvoke component="GoogleAuthenticate" method="AuthSubRequest">
<cfinvokeargument name="next" value="http://#cgi.http_host#/file2.cfm">
<cfinvokeargument name="scope" value="http://www.google.com/calendar/feeds">
<cfinvokeargument name="secure" value="0">
<cfinvokeargument name="session" value="1">
</cfinvoke>
Notice the next variable is pointing to file2.cfm (below)
<cfinvoke component="GoogleAuthenticate" method="AuthSubSessionToken" returnvariable="SubSessionToken">
<cfinvokeargument name="token" value="#url.token#">
</cfinvoke>
<cfoutput>#SubSessionToken#</cfoutput>
There you go. That’s not so hard is it? Play around with it and see if you can get it to work. We now have completed getting the two necessary tokens. Tune in tomorrow to learn about the undocumented (but vitally necessary) gSessionid! Same bat place!
After i cover the gSessionId, I’ll explain putting this into use with the calendar then the spreadsheet. That’s when it gets fun.
-Steve Nelson
