SSO token name must have spaces around "@"

Bug #1026843 reported by Emanuele Quinto
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Ubuntu One Developer Website
New
Undecided
Unassigned

Bug Description

I'm trying to connect to Ubuntu One from YQL to get Ubuntu One data as YQL table.

This requires to generate with Javascript the XML as outlined in http://developer.yahoo.com/yql/guide/yql-execute-chapter.html.

The only implementation in JS I found is on maemo.org for a QT client (http://goo.gl/ztuiw). Being in the YQL environment we can use y.rest instead of XMLHttpRequest.
There implementation of API authentication/access in php (http://askubuntu.com/questions/54185/ubuntu-one-oauth-login-from-php) and in Phyton (on the Ubuntu One site).

Basically the code should:

1) Create a new token in Ubuntu SSO (login.ubuntu.com).
2) Tell Ubuntu One about that new token.
3) Use that new token to sign a request to the Ubuntu One files API.

The code for the YQL is on github (https://github.com/emaV/labs/tree/master/oneubuntu-js).

<code>
// Include the OAuth libraries from oauth.net
y.include("http://oauth.googlecode.com/svn/code/javascript/oauth.js");
y.include("http://oauth.googlecode.com/svn/code/javascript/sha1.js");

function getToken(user, pass, token_name) {
  var url = "https://login.ubuntu.com/api/1.0/authentications";
  var uri = url + "?ws.op=authenticate&token_name=" + encodeURIComponent(token_name);
  var header_auth = 'Basic ' + y.crypto.encodeBase64(user + ":" + pass);
  // Get authentication
  var resp = y.rest(uri).header('Accept', 'application/xml').header('Authorization', header_auth).get().response;
  // cast to string
  var secrets = {
    consumerKey: String(resp.consumer_key),
    consumerSecret: String(resp.consumer_secret),
    token: String(resp.token),
    tokenSecret: String(resp.token_secret)
  };
  return secrets;
}

function registerToken(secrets, user) {
  var url = "https://one.ubuntu.com/oauth/sso-finished-so-get-tokens/" + user;
  reg = oAuthRequest(url, secrets);
  return reg;
}

function oAuthRequest(url, secrets, method, range) {
  if(!method) method = "GET";
  var message = {
    action: url,
    method: method,
    parameters: [
      ["oauth_consumer_key", secrets.consumerKey],
      ["oauth_token", secrets.token],
      ["oauth_version","1.0"]
    ]
  };
  OAuth.setTimestampAndNonce(message);
  OAuth.SignatureMethod.sign(message, secrets);
  var auth = OAuth.getAuthorizationHeader("", message.parameters);
  return = y.rest(url).header('Authorization', auth).get().response;
}

// Main
var OAuth;
var token_name = "Ubuntu One @test";

// 1 ) Get the token using HTML authentication
var secrets = getToken(email, pwd, token_name); // works

// 2) Register the token
var reg = registerToken(secrets, email); // works

// 3) Use API
var APIurl = "https://one.ubuntu.com/api/account/";
resp = oAuthRequest(APIurl, secrets);

</code>

Steps 1) and 2) seems ok but 3) still return "Invalid access token". The result from step 2 reads:

<log>oAuthRequest - url: https://<email address hidden></log>
<url execution-start-time="843" execution-stop-time="3236"
       execution-time="2393" proxy="DEFAULT"><![CDATA[https://<email address hidden>]]></url>
<log>oAuthRequest (https://<email address hidden>) - resp: </log>
<log>ok 0/1
</log>

So everything seems fine, but:

 <log>oAuthRequest - url: https://one.ubuntu.com/api/account/</log>
 <url execution-start-time="3257" execution-stop-time="3783"
            execution-time="526" http-status-code="401"
            http-status-message="UNAUTHORIZED" proxy="DEFAULT"><![CDATA[https://one.ubuntu.com/api/account/]]></url>
 <log>oAuthRequest (https://one.ubuntu.com/api/account/) - resp: </log>
<log>Invalid access token: PZvMjSewNiphQkDTtFAexTcOkrxbVSKPNBhOqOnFSeZUaLmmAt
</log>

I'm not sure if the issue is related to YQL but given the log doesn't seems so.

description: updated
Revision history for this message
Stuart Langridge (sil) wrote :

The 0/1 from sso-finished-so-get-token means that it found 0 valid tokens. The issue was that the token name needs to be "Ubuntu One @ something" with spaces around the "@".

Revision history for this message
Stuart Langridge (sil) wrote :

We will update the documentation.

summary: - Invalid access token from javascript oAuth
+ SSO token name must have spaces around "@"
Revision history for this message
Stuart Langridge (sil) wrote :

We should also look at making the response from sso-finished-so-get-tokens be more useful, to call out that nothing was done. This needs checking to see if anything relies on it!

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.