views:

550

answers:

1

Retreiving the URL http://www.google.com/reader/api/0/token returns a token, which is periodically updated. What's required to generate this token? Apparently, and I'm guessing a, or some, cookies are accessed by Google for authentication.

Here are my results so far:

thufir@ARRAKIS:~/projects/curl$
thufir@ARRAKIS:~/projects/curl$ ruby token.rb
<html><head><title>403 Forbidden</title>
<style type="text/css">
      body {font-family: arial,sans-serif}
      div.nav {margin-top: 1ex}
      div.nav A {font-size: 10pt; font-family: arial,sans-serif}
      span.nav {font-size: 10pt; font-family: arial,sans-serif; font-weight: bold}
      div.nav A,span.big {font-size: 12pt; color: #0000cc}
      div.nav A {font-size: 10pt; color: black}
      A.l:link {color: #6f6f6f}
      </style></head>
<body text="#000000" bgcolor="#ffffff"><table border="0" cellpadding="2" cellspacing="0" width="100%"></table>
<table><tr><td rowspan="3" width="1%"><b><font face="times" color="#0039b6" size="10">G</font><font face="times" color="#c41200" size="10">o</font><font face="times" color="#f3c518" size="10">o</font><font face="times" color="#0039b6" size="10">g</font><font face="times" color="#30a72f" size="10">l</font><font face="times" color="#c41200" size="10">e</font>&nbsp;&nbsp;</b></td>
<td>&nbsp;</td></tr>
<tr><td bgcolor="#3366cc"><font face="arial,sans-serif" color="#ffffff"><b>Error</b></font></td></tr>
<tr><td>&nbsp;</td></tr></table>
<blockquote><h1>Forbidden</h1>
Your client does not have permission to get URL <code>/reader/api/0/token</code> from this server.
<p></p></blockquote>
<table width="100%" cellpadding="0" cellspacing="0"><tr><td bgcolor="#3366cc"><img alt="" width="1" height="4"></td></tr></table></body></html>
thufir@ARRAKIS:~/projects/curl$
thufir@ARRAKIS:~/projects/curl$ nl token.rb
     1    require 'rubygems'
     2    require 'curb'

     3    token_url = "http://www.google.com/reader/api/0/token"


     4      c = Curl::Easy.perform(token_url)
     5      puts c.body_str
thufir@ARRAKIS:~/projects/curl$
A: 

Take a look at the Google Reader API Auth outlined here. ClientLogin is the simpler approach, but OAuth is probably the more robust solution if you want to deploy it for multiple users. Also using OAuth will save you the trouble of dealing with Google user credentials which should be treated carefully.

Sanjay