Posted by greg.harvey on December 11, 2009 at 5:29pm
Jump to:
| Project: | Services |
| Version: | 7.x-3.x-dev |
| Component: | Code |
| Category: | bug report |
| Priority: | critical |
| Assigned: | Unassigned |
| Status: | closed (won't fix) |
Issue Summary
I stumbled across this while investigating #657368: Access Denied on Ubuntu Server, fine on CentOS test server
It seems sometimes the xmlrpc_server_server_error() function actually can't deal with $message properly. The example I got was a token expired error. It was passed to xmlrpc_server_server_error() as an object, which should be converted on line 55, but isn't, so when it gets to the implode() line on line 58 you get a PHP error in watchdog and no error back to your application calling the web service.
Incoming $message object looks like this:
stdClass Object
(
[is_error] => 1
[code] => 1
[message] => Token has expired.
)After the supposed conversion it looks like this:
Array
(
[0] => stdClass Object
(
[is_error] => 1
[code] => 1
[message] => Token has expired.
)
)So the implode() code fails.
For reference, this is happening on an Ubuntu Server running PHP 5.2.11.
Comments
#1
This seems to affect all key authentication errors. They never get sent back properly to the client and instead leave the object error in the Drupal log. I got the same for "Invalid API key" errors too.
I'm actually marking up to critical, because it is pretty critical if the services are failing silently. Do downgrade if you disagree. I won't argue. =)
#2
Which server are you using when this happens? XMLRPC or something else? I'm wondering if it is a problem with the message being sent by your server module.
#3
XMLRPC. All other messages seem to come back fine.
Except for the user.logout method, but I'll raise a separate issue for that.
#4
Marking as fixed as seperate issue has been raised for logout.
#5
Yes, separate issue raised, but no, not fixed. This issue still exists. Sorry if my last post caused confusion, but the user.logout method problem is entirely independent and doesn't change the fact all the API-related messages are not returning properly either.
What I meant to do was:
A) Confirm I'm using the XML-RPC server
B) Confirm it only seems to be API-key related messages that are broken, but they are still broken
#6
Guess this should move here.
#7
I had some invalid nonce messages earlier this week and when I went back and looked at them, I did not see the errors on implode() you report here. I haven't investigated immensely further, but I'm going to push this back to next release. It doesn't seem like a show-stopper.
#8
So im getting the same issues, and nobody has been able to answer or help out.. I started a thread but it seems that im not the only one getting invalid api key and toen has expired..
any code examples that someone knows works that I could test out... im on a localhost machine ..
http://drupal.org/node/746686
day 3 at it .. about to give up :(
#9
No, you're not "getting the same issues". Your issues are totally unrelated to this bug report. You can't authenticate. This issue is about servers sometimes returning error messages in the wrong format. I see no relationship whatsoever.
Also, it seems like plenty of people are trying to help you. I *do* hope you get it sorted, because web services are cool and it would be a shame if you gave up, but bringing over here won't make any difference. Sorry. (And, nicely, please don't try and hijack other people's threads because yours is stalling - it just creates unnecessary noise, and it is a little annoying too. You're already getting help from some very smart and knowledgeable people in your own issue.)
#10
Bumping version
#11
This doesn't exist in 3.x