id,summary,reporter,owner,description,type,status,priority,milestone,component,version,severity,resolution,keywords,cc,focuses 21163,Blogger Importer Invalid Tokens,Workshopshed,,"When the users clicks on the authorise button google responds with an invalid token error. This is obviously a bit puzzling for the users. See http://wordpress.org/support/topic/plugin-blogger-importer-invalid-token The problem seems to be that the form with the authorise button is actually passing blank tokens. I can't reproduce the problem but I've reproduced their symptoms by switching the URL in get_oauth_link to a non existant one. This returns blank tokens to the form. If you then submit that form you get the invalid token error. Although this following patch is not actually a fix, we can report the error properly with a change to get_oauth_link and greet and hence it will be easier to diagnose issues. {{{ // Shows the welcome screen and the magic auth link. function greet() { $next_url = get_option('siteurl') . '/wp-admin/index.php?import=blogger&noheader=true'; $auth_url = $this->get_oauth_link(); $title = __('Import Blogger', 'blogger-importer'); $welcome = __('Howdy! This importer allows you to import posts and comments from your Blogger account into your WordPress site.', 'blogger-importer'); $prereqs = __('To use this importer, you must have a Google account and an upgraded (New, was Beta) blog hosted on blogspot.com or a custom domain (not FTP).', 'blogger-importer'); $stepone = __('The first thing you need to do is tell Blogger to let WordPress access your account. You will be sent back here after providing authorization.', 'blogger-importer'); $auth = esc_attr__('Authorize', 'blogger-importer'); $errormsg = __('Error occurred getting OAuth tokens from Google', 'blogger-importer') echo ""
"" . screen_icon() . ""

$title

$welcome

$prereqs

$stepone

""; if (!is_wp_error($auth_url)) { echo ""

\n""; } else { echo $errormsg; echo '
                    '.$auth_url->get_error_message().'
                    
' ; } } function get_oauth_link() { // Establish an Blogger_OAuth consumer $base_url = get_option('siteurl') . '/wp-admin'; $request_token_endpoint = 'https://www.google.com/accounts/OAuthGetRequestToken'; $authorize_endpoint = 'https://www.google.com/accounts/OAuthAuthorizeToken'; $test_consumer = new Blogger_OAuthConsumer('anonymous', 'anonymous', null); // anonymous is a google thing to allow non-registered apps to work //prepare to get request token $sig_method = new Blogger_OAuthSignatureMethod_HMAC_SHA1(); $parsed = parse_url($request_token_endpoint); $params = array('callback' => $base_url, 'scope' => 'http://www.blogger.com/feeds/', 'xoauth_displayname' => 'WordPress'); $req_req = Blogger_OAuthRequest::from_consumer_and_token($test_consumer, null, ""GET"", $request_token_endpoint, $params); $req_req->sign_request($sig_method, $test_consumer, null); // go get the request tokens from Google $req_response = wp_remote_get($req_req->to_url(), array('sslverify' => false)); if (is_wp_error($req_response)) { return $req_response; } $req_token = wp_remote_retrieve_body($req_response); // parse the tokens parse_str($req_token, $tokens); $oauth_token = $tokens['oauth_token']; $oauth_token_secret = $tokens['oauth_token_secret']; $callback_url = ""$base_url/index.php?import=blogger&noheader=true&token=$oauth_token&token_secret=$oauth_token_secret""; return array('url' => $authorize_endpoint, 'oauth_token' => $oauth_token, 'oauth_callback' => $callback_url); } }}} p.s. Sorry I've still not mastered DIFF!",defect (bug),closed,normal,WordPress.org,Import,,normal,invalid,,,