Page MenuHomePhabricator

SvgTranslate tool fails during OAuth callback
Closed, DeclinedPublic

Description

The SvgTranslate tool accepts translations, but when trying to save them, using OAuth, the following message is shown:

Error retrieving token: mwoauthdatastore-bad-token

stdClass Object ( [error] => mwoauthdatastore-bad-token [message] => No token was found matching your request. )

https://meta.wikimedia.org/w/index.php?title=Special:OAuth/token&format=json&oauth_verifier=7d981159534e4ce3e707855da5868c2c&oauth_consumer_key=8951cc0295a64593b3be43faf7ccfd55&oauth_token=fc3c252af06f2079ffd6ee718cb71b80&oauth_version=1.0&oauth_nonce=9711c4e0ac9e8c623d1030f20b139ca4&oauth_timestamp=1544257933&oauth_signature_method=HMAC-SHA1&oauth_signature=KaFMJ2HAXhrJYLtGjelJJg3WBss%3D

Event Timeline

Mikey641 created this task.May 2 2017, 4:23 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMay 2 2017, 4:23 PM

Excessive warnings fixed in https://github.com/Jarry1250/labs-svgtranslate/commit/f4c75bc43d71dbaaf316e1596292ad97b651052d

Actual oAuth error has me stumped though -- was working in January

Glrx added a subscriber: Glrx.Aug 6 2018, 4:10 PM
Glrx added a comment.Aug 6 2018, 7:32 PM

@Jarry1250

I ran SVGTranslate on [[File:Planetary transit.svg]] and keyed in some bogus translations.

I clicked OAuth upload, and got the expected redirect asking for authorization.

That should mean the temporary request token (oauth_token) and a secret were supplied to SVGTranslate over HTTPS.

I authorized the application and was redirected to

http://tools.wmflabs.org/svgtranslate/index.php?oauth_verifier=158f97016d7f35b70d032760b89bbc11&oauth_token=9b02d6b86d570858f07a1ee46f246de0

This redirect is WMF saying everything worked so far. My OAuth authorizations show SVGTranslate 1.0 is now authorized. The URL reveals the temporary oauth_token provided to SVGTranslate was &oauth_token=9b02d6b86d570858f07a1ee46f246de0. Meta likes that token.

SVGTranslate is supposed to take this information and acquire an access token from a third endpoint, Special:OAuth/token.

SVGTranslate blows up communicating with that endpoint:

Error retrieving token: mwoauthdatastore-bad-token
stdClass Object ( [error] => mwoauthdatastore-bad-token [message] => No token was found matching your request. ) 
https://meta.wikimedia.org/w/index.php?title=Special:OAuth/token&format=json&oauth_verifier=158f97016d7f35b70d032760b89bbc11&oauth_consumer_key=8951cc0295a64593b3be43faf7ccfd55&oauth_token=5e4223de67b2a68a17808ee1c558d87c&oauth_version=1.0&oauth_nonce=bf663a923b3fdfbf7de94b0bbf0a9b82&oauth_timestamp=1533570315&oauth_signature_method=HMAC-SHA1&oauth_signature=XAgZrS%2Be3mWTgGf3UNFIdDu%2BojQ%3D

Note that the redirect supplied &oauth_token=9b02d6b86d570858f07a1ee46f246de0 but the SVGTranslate request to the Special:Oauth/token endpoint used &oauth_token=5e4223de67b2a68a17808ee1c558d87c. I do not know where this second value came from. The oauth_verifier parameter was correctly copied, but not the oauth_token.

That would explain meta complaining about a bad/unknown token. Maybe a wrong argument is passed to a library function for oauth_token and meta didn't previously check if the token matched but keyed only on the oauth_verifier. Maybe the session information gets confused and the oauth_token is pulled from a different session.

Other tools may have had similar trouble:

Glrx added a comment.Aug 9 2018, 11:20 PM

Tried to do manual upload, but had problems.

Browser asked me what to do. I clicked save, and it hung.

Tried again with save-as, and it hung. It created an empty desired file and an empty .partial file.

Tried again with open, and it displayed the desired SVG in my browser, but the file has an XXX (2).svg name and 2 .partial files in the directory,

So it looks like I could run SVGTranslate, do a manual upload, and click open. That gets me the bits. Then I would need to use that deep filename or save the file to a more reasonable location. Then I could go to commons and upload the file.

Hmm, it might be that the redirect url is HTTP but the consumer is HTTPS. I'll try fixing that and see what happens.

Nope, no luck. I moved the script onto a new consumer with https:// but doesn't seem to have helped.

Jarry1250 renamed this task from svgtranslate tool-Not Working to SvgTranslate tool fails during OAuth callback.Dec 19 2018, 2:40 PM
Jarry1250 updated the task description. (Show Details)
Samwilson closed this task as Declined.Aug 8 2019, 3:37 AM
Samwilson edited projects, added SVG Translate Tool; removed Tools.
Samwilson added a subscriber: Samwilson.

This error was occurring with the old SVG Translate tool, and I'm not able to replicate it with the new version. Please reopen if it's still happening.

Restricted Application added a project: Community-Tech. · View Herald TranscriptAug 8 2019, 3:37 AM