Re: [Snowy] Tomboy sync problem

From: Rodrigo Moya <rodrigo gnome-db org>
To: Sandy Armstrong <sanfordarmstrong gmail com>
Cc: snowy-list gnome org
Subject: Re: [Snowy] Tomboy sync problem
Date: Mon, 08 Mar 2010 13:16:52 +0100

On Sat, 2010-03-06 at 14:22 -0800, Sandy Armstrong wrote:
> On Sat, Mar 6, 2010 at 1:56 PM, Benoit Garret
> <benoit garret_gnome gadz org> wrote:
> > Hi,
> > On Sat, Mar 6, 2010 at 10:19 PM, J. Bobby Lopez <jbl jbldata com> wrote:
> >>
> >> Just following up on a conversation with sandy:
> >>  16:10 < jbl> "GET /api/1.0 HTTP/1.0" 301 0
> >>  16:10 < jbl> "GET /api/1.0/ HTTP/1.0" 200 249
> >>  16:10 < jbl> "POST /oauth/request_token/ HTTP/1.0" 401 98
> >
> > I was bitten by something that looked like this before, it was because my
> > server's date and time weren't setup correctly.
> 
> Wow, great catch Benoit.  jbl said his server was ahead by 30 minutes.
>  This is something we'll need to figure out.  I get that OAuth uses
> timestamps, but it seems like this could turn into a bigger problem.
> I would guess the root issue is somewhere in Piston (hopefully not in
> the OAuth spec itself).
> 
yes, AFAIR the OAuth signature has a timestamp argument, which includes
the time of the signature generation, and, I think, there is a 5 minutes
window for that timestamp, so if the diff in time between the server and
the client is more than those 5 mins, it will fail thinking the
signature is incorrect.

References:
- [Snowy] Tomboy sync problem
  - From: J. Bobby Lopez
- Re: [Snowy] Tomboy sync problem
  - From: Benoit Garret
- Re: [Snowy] Tomboy sync problem
  - From: Sandy Armstrong

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]