Ellie (alsterellie) wrote in lj_dev,

Invalid password: please help me check my data

Hi all,

I keep getting "errmsg:Invalid password" while trying to log in on /interface/flat, using challenge/response. I am using the right password and the MD5 hash is computed correctly (or so is seems). Maybe something is wrong with the way I use auth_challenge?


First I send "mode=getchallenge", this is what I get back:

Connection code: HTTP/1.1 200 OK
auth_scheme
c0
challenge
c0:1329793200:79:60:LYkBrahns8cN8Hz5EodP:c446c32ac9c7908609c24e5facba41e9
expire_time
1329793339
server_time
1329793279
success
OK

Apparently, everything goes fine and I get a challenge string back which is: c0:1329793200:79:60:LYkBrahns8cN8Hz5EodP:c446c32ac9c7908609c24e5facba41e9

Using this string, I compute auth_response.
Now, this is the complete query with all the data that I'm sending to the server:
query: mode=login&user=ellie_1928&auth_method=challenge&auth_challenge="c0%3A1329793200%3A79%3A60%3ALYkBrahns8cN8Hz5EodP%3Ac446c32ac9c7908609c24e5facba41e9"&auth_response=5f9b791790b98f7fa89794a46a2b757a

That's what I get back:
OK
Auth response
errmsg
Invalid password
success
FAIL

As I said, I checked the MD5 hashes and the password itself.


Thanks in advance for your help.
  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 3 comments

phillip2637

February 21 2012, 15:08:10 UTC 2 years ago

The auth_challenge that I send back is just a literal echo of what I received with no quotes and no URL encoding of characters. I'm not sure it's the 'right' way but it seems to work.

alsterellie

February 21 2012, 15:11:49 UTC 2 years ago

Thank you! Does it start with "co:"? I was wondering if maybe I'm supposed to use just a substring.

phillip2637

February 21 2012, 15:18:07 UTC 2 years ago

Recent example (actually Dreamwidth but no conceptual difference): mode=login&user=philkmills&auth_method=challenge&auth_challenge=c0:1329836400:313:60:GeHewhHgwdnyunOnNrN7:bbcd24c1334299e1b8c643e0a0cc9fce....