AuthPuppy

Validation procedure - Token

Bug #1022688 reported by Andrei on 2012-07-09

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	AuthPuppy	Invalid	Undecided	Unassigned

Bug Description

From the ApWebServicePlugin i test it locally with a node that i created by doing this :

http://authpuppy.localhost/ws/?action=get&object_class=Node&object_id=3

and everything was ok the response was :

{"result":1,"values":{"Name":"Libre sans fil point acces 3","GwId":"3","Description":"Access point 3","CivicNumber":"xxxxx","StreetName":"xxxxxxx","City":"xxxxxxx","Province":"QC","Country":"Canada","PostalCode":"xxxxx","Phone":"xxxxxx","Email":"xxxxxx","MassTransitInfo":"","Latitude":"46.761630","Longitude":"-71.220096","Friendlyname":"accesspoint3","PortalPage":"","NumOnlineUsers":0,"OnlineUsers":[],"CreationDate":"2012-07-09 12:32:35","Status":"DEPLOYED"}}

(in the lines above i used xxxxx to replaced personnal information that i doesn't want to show)

but when i made this :

http://authpuppy.localhost//ws/?&action=auth&submit[apAuthLocalUserconnect]=Connect&apAuthLocalUser[username]=andreqc1&apAuthLocalUser[password]=motdepasse

instead of having a token like this example shows (assuming that the token value could be anything else) :

{"result":1,
    "values":{"auth":"1",
              "redirect":"http:\/\/yourGatewayIP:2760\/wifidog\/auth?token=023229e076877e0d965a400cc90fb3d285c33d63",
             }
}

The result is :

{"result":1,"values":{"auth":1}}

Somehow when the authentification failed i would have :

{"result":1,
    "values":{"auth":"0"
             }
  }

In my case auth:1

I'm on my server, and i could made an https://

So the error i have is about token, i couldn't have any token from my authpuppy server.

By the way, i've seen a user named Andre Halle using one of my mail adresses, a user that i never created.

My username is always Andrei.

Revision history for this message

gbastien (gbastien02) wrote on 2012-07-09:

Actually, the documentation is incomplete. See http://www.authpuppy.org/doc/Typical_usage_scenarios_with_plugins for more accurate information.

You are missing a few parameters to your request to be able to receive a token:

gw_id=default&
gw_address=192.168.1.1&
gw_port=2060

They come from the login request from the router.

Changed in authpuppy:
status:	New → Invalid

Revision history for this message

Andrei (andrei-halle-deactivatedaccount) wrote on 2012-07-11:

Thanks Geneviève, for this link. I will try it with the new information.

André

Revision history for this message

Andrei (andrei-halle-deactivatedaccount) wrote on 2012-07-11:

Just to comment what i wrote before, i used this url to make the scenario i desribed at the begining

Revision history for this message

Andrei (andrei-halle-deactivatedaccount) wrote on 2012-07-11:

http://www.authpuppy.org/doc/ApWebServicePlugin

Revision history for this message

Andrei (andrei-halle-deactivatedaccount) wrote on 2012-07-11:

I don't want to bother you but i have something to ask to end this.

Finally i had this token i couldn't have before. What i did is that i took the part of the php script from the url you wrote before and taking part of it i made this url :

http://authpuppy.localhost/ws/?action=auth&authenticator=apAuthLocalUser&submit[apAuthLocalUserconnect]=Connect&apAuthLocalUser[username]=testuser&apAuthLocalUser[password]=password6&gw_id=2&gw_address=192.168.22.125&gw_port=2060

and i had this :

{"result":1,"values":{"auth":1,"redirect":"http:\/\/192.168.22.125:2060\/wifidog\/auth?token=0cda0b2f3d86c83e3acd892cc4f883ca7f9eb308"}}

So if i'm right, the php script's line :

$errno = curl_errno($curl_session);

would return a 1 (true)

and the condition :

if (!$errno)

will return a false and the php script will return his message that everything's fine, I'm just presuming.

Thanks in advance

Revision history for this message

gbastien (gbastien02) wrote on 2012-07-13:

From the curl_errno documentation: http://ca3.php.net/manual/en/function.curl-errno.php

"Returns the error number or 0 (zero) if no error occurred. "

So !$errno means a success

Revision history for this message

Andrei (andrei-halle-deactivatedaccount) wrote on 2012-07-13:

Yes but in :

if (!$errno) means if (not false) or if not 0 (0 meaning false) and not(0) meaning true this if condition must be true

if (!$errno) { /***** this must be true******/) so the errno must be equal to 0 to have a 1 (true) in this case a
                     not(0) will make this condition true or (1)
     $returnvalues = json_decode($returnjsonstring, true);
     if ($returnvalues['result'] == 1) { (/******** this must be true *******/)
        if ($returnvalues['values']['auth'] == 1) (/*******this must be false********/)
           if (isset($returnvalues['values']['redirect']))
              // redirect to url $returnvalues['values']['redirect']
           else
             echo "Login successful but no connection token created. Is this intentional?";
        else
           /****** cause these are the only ways to have a successful login ******/
           echo "Login unsuccessful";
     } else {
        The first if condition return a false and
        echo "Some exception occurred using the web service: " . $returnvalues['values']['type'] . " " . $returnvalues['values']['message'];
     }
  }

Revision history for this message

Andrei (andrei-halle-deactivatedaccount) wrote on 2012-07-13:

The result of my message was not well indented

if (!$errno)
means if (not false) or if not 0 (0 meaning false) and not(0) meaning true this if condition must be true

if (!$errno) {
      /***** this must be true******/) so the errno must be equal to 0 to have a 1 (true) in this case a
               not(0) will make this condition true or (1)
     $returnvalues = json_decode($returnjsonstring, true);
     if ($returnvalues['result'] == 1) { (/******** this must be true *******/)
        if ($returnvalues['values']['auth'] == 1) (/*******this must be false********/)
           if (isset($returnvalues['values']['redirect']))
              // redirect to url $returnvalues['values']['redirect']
           else
             echo "Login successful but no connection token created. Is this intentional?";
        else
           /****** cause these are the only ways to have a successful login ******/
           echo "Login unsuccessful";
     } else {
        /**********The first if condition return a false and this exception occured ******/
        echo "Some exception occurred using the web service: " . $returnvalues['values']['type'] . " " . $returnvalues['values']['message'];
     }
  }

May be we both saying the same thing but in another way to explain it.

Revision history for this message

Andrei (andrei-halle-deactivatedaccount) wrote on 2012-07-13:

Finally i explain it the wrong way. By reading it again, i saw that i was wrong in the #5 message i wrote in this issue. In fact, when i wrote :

"if (!$errno)

will return a false and the php script will return his message that everything's fine, I'm just presuming."

I was wrong.

As you say it must return a 1 meaning success cause a false would return something wrong in the else section of that if.

Thanks a lot Geneviève.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.