Quantcast

Invalid Token

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Invalid Token

Michael-2

Sorry, if it turns out as a stupid mistake, but I am at the end of my own knowledge to solve this issue on my MediaWiki 1.28 installation:

 

I am using a python3 script to 1) get the token, and 2) login via ‘clientlogin’, but I always receive the   

"error": {

        "code": "badtoken",

        "info": "Invalid token",

 

The taken is coming from     'action': 'query',     'meta': 'tokens',     'type': 'login', and I strip the last ‘\’.

 

This is my submission for Login:

Type: <class 'urllib.request.Request'>

Contents: {'_full_url': 'https://wiki.xxxxat.com/api.php', 'unredirected_hdrs': {}, '_tunnel_host': None, 'fragment': None, '_data': b'password=Lxxxxxxxx7&action=clientlogin&rememberMe=1&username=Admin&returnurl=https%3A%2F%2Fwiki.xxxxat.com%2F&logintoken=8f2d58f9cc8336543c7f67cf8a5926d058a95ede%2B%5C&requestid=byMichael', 'origin_req_host': 'wiki.xxxxat.com', 'selector': '/api.php', 'headers': {'Content-type': 'application/x-www-form-urlencoded'}, 'type': 'https', 'unverifiable': False, 'host': 'wiki.xxxxat.com'}

 

Following  the same procedure via ApiSandbox is working fine.

 

Thank you for your help!

 

 

 


_______________________________________________
Mediawiki-api mailing list
[hidden email]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-api
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Invalid Token

Betacommand
Don't strip the last \ its part of a legacy validity check. Always pass whatever you get back the way you for it.

On Sun, Feb 19, 2017 at 1:49 AM Michael <[hidden email]> wrote:

Sorry, if it turns out as a stupid mistake, but I am at the end of my own knowledge to solve this issue on my MediaWiki 1.28 installation:

 

I am using a python3 script to 1) get the token, and 2) login via ‘clientlogin’, but I always receive the   

"error": {

        "code": "badtoken",

        "info": "Invalid token",

 

The taken is coming from     'action': 'query',     'meta': 'tokens',     'type': 'login', and I strip the last ‘\’.

 

This is my submission for Login:

Type: <class 'urllib.request.Request'>

Contents: {'_full_url': 'https://wiki.xxxxat.com/api.php', 'unredirected_hdrs': {}, '_tunnel_host': None, 'fragment': None, '_data': b'password=Lxxxxxxxx7&action=clientlogin&rememberMe=1&username=Admin&returnurl=https%3A%2F%2Fwiki.xxxxat.com%2F&logintoken=8f2d58f9cc8336543c7f67cf8a5926d058a95ede%2B%5C&requestid=byMichael', 'origin_req_host': 'wiki.xxxxat.com', 'selector': '/api.php', 'headers': {'Content-type': 'application/x-www-form-urlencoded'}, 'type': 'https', 'unverifiable': False, 'host': 'wiki.xxxxat.com'}

 

Following  the same procedure via ApiSandbox is working fine.

 

Thank you for your help!

 

 

 

_______________________________________________
Mediawiki-api mailing list
[hidden email]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-api

_______________________________________________
Mediawiki-api mailing list
[hidden email]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-api
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Invalid Token

Gergo Tisza
There should be cookie headers. You should be using requests.Session or something like that.
Also, why are you unescaping manually instead of just using the requests reponse object's .json()?
Also, you probably shouldn't be using clientlogin in the first place. Will you be able to handle a 2FA check? Or a capthca? If you are building a non-interactive tool, you should just use the login API with bot passwords (or owner-only OAuth of that extension is installed).

On Sun, Feb 19, 2017 at 4:12 AM, Betacommand <[hidden email]> wrote:
Don't strip the last \ its part of a legacy validity check. Always pass whatever you get back the way you for it.

On Sun, Feb 19, 2017 at 1:49 AM Michael <[hidden email]> wrote:

Sorry, if it turns out as a stupid mistake, but I am at the end of my own knowledge to solve this issue on my MediaWiki 1.28 installation:

 

I am using a python3 script to 1) get the token, and 2) login via ‘clientlogin’, but I always receive the   

"error": {

        "code": "badtoken",

        "info": "Invalid token",

 

The taken is coming from     'action': 'query',     'meta': 'tokens',     'type': 'login', and I strip the last ‘\’.

 

This is my submission for Login:

Type: <class 'urllib.request.Request'>

Contents: {'_full_url': 'https://wiki.xxxxat.com/api.php', 'unredirected_hdrs': {}, '_tunnel_host': None, 'fragment': None, '_data': b'password=Lxxxxxxxx7&action=clientlogin&rememberMe=1&username=Admin&returnurl=https%3A%2F%2Fwiki.xxxxat.com%2F&logintoken=8f2d58f9cc8336543c7f67cf8a5926d058a95ede%2B%5C&requestid=byMichael', 'origin_req_host': 'wiki.xxxxat.com', 'selector': '/api.php', 'headers': {'Content-type': 'application/x-www-form-urlencoded'}, 'type': 'https', 'unverifiable': False, 'host': 'wiki.xxxxat.com'}

 

Following  the same procedure via ApiSandbox is working fine.

 

Thank you for your help!

 

 

 

_______________________________________________
Mediawiki-api mailing list
[hidden email]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-api

_______________________________________________
Mediawiki-api mailing list
[hidden email]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-api



_______________________________________________
Mediawiki-api mailing list
[hidden email]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-api
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Invalid Token

Michael-2
In reply to this post by Michael-2

Thank you for your kind replies!

 

My expectation that it’s simply writing a few lines of code to login and then having access to the API was ‘wishful thinking’.

It seems going with OAuth will be the right approach, to continue with my idea …

 

 


_______________________________________________
Mediawiki-api mailing list
[hidden email]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-api
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Invalid Token

Gergo Tisza
On Mon, Feb 20, 2017 at 4:40 AM, Michael <[hidden email]> wrote:

My expectation that it’s simply writing a few lines of code to login and then having access to the API was ‘wishful thinking’.


You should probably use one of the existing libraries. You can do a rudimentary API request in maybe six lines of code, but in practice you'll want error handling, logging, backoff when the servers are overloaded etc. which is a lot of boilerplate that existing libraries will handle for you. See https://www.mediawiki.org/wiki/API:Client_code#Python

It seems going with OAuth will be the right approach, to continue with my idea …


Yeah, it's the recommended method as it frees you from having to deal with login at all.

_______________________________________________
Mediawiki-api mailing list
[hidden email]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-api
Loading...