I am using the Google/YouTube APIs to develop web application which needs access to a users YouTube account.

Normal unsecure requests work fine and I can upgrade one time tokens to session tokens without any hassle. The problem comes when I try and upgrade a secure token to a session token, I get:

ERROR - Token upgrade for CIzF3546351vmq_P____834654G failed : Token upgrade failed. Reason: Invalid AuthSub signature.

i use this:

    function updateAuthSubToken($singleUseToken)
    {
        try {
        $client = new Zend_Gdata_HttpClient();
        $client->setAuthSubPrivateKeyFile( /home/myrsakey.pem , null, true);
        $sessionToken = Zend_Gdata_AuthSub::getAuthSubSessionToken($singleUseToken, $client);
        $sessionToken = Zend_Gdata_AuthSub::getAuthSubSessionToken(trim($singleUseToken), $client);  
        //$client->setAuthSubToken($sessionToken); 
        } catch (Zend_Gdata_App_Exception $e) {
            print  ERROR - Token upgrade for   . $singleUseToken
                .   failed :   . $e->getMessage();
            return;
        }
        $_SESSION[ sessionToken ] = $sessionToken;
        $date = gmdate("M d Y H:i:s", mktime(0, 0, 0, 1, 1, 1998));
        header( Authorization: AuthSub token=" .$_SESSION[ sessionToken ]. " data="GET 
    https://www.youtube.com/auth_sub_request  .$date.  15948652339726849410"  . 
     sig="MIICXAIBAAKBgQDLJn/sr7TrmQpsEaL312k9dEpikVGFHbE+FjNg7/lfagkTZXf3 .
     t96omgSEyZat2RcckVAGs9dU5kbGLJxEaW2ChQplzCKDi+20HZZo7C1QCluaMJ6b .
    ...
     0pj+zWPy4T04PH3elN6EkhQ5Vxy5wbBkugqIDqfOKuM="  .
     sigalg="rsa-sha1" );
        }

i don t understand what is: nonce: a random 64-bit, unsigned number encoded as an ASCII string in decimal! i must put is after $date (... .$date. 15948652339726849410" ... )