MensBeam
/
Arsse
3
1
Fork 0
Code Issues 24 Pull Requests Releases 28 Activity
Labels Milestones
New Issue

Fever API fails to authenticate #176

Closed
opened 4 years ago by dgold · 11 comments
dgold commented 4 years ago

Hi, using most recent tarball from the site.

I've followed the installation steps, almost no changes to the configuration files (just document root in nginx.conf), everything works great in tt-rss mode, but the fever mode will not connect.

For example, when using Unread on iOS, I enter the server as https://example.com/fever/ and provide username and fever-specific password

Authentication fails with the error:-

UNABLE TO VALIDATE URL
Fever API (https://example.com/fever/?api) rejected the request (not found)

Any ideas where the mistake could be?

Hi, using most recent tarball from the site. I've followed the installation steps, almost no changes to the configuration files (just document root in nginx.conf), everything works great in `tt-rss` mode, but the `fever` mode will not connect. For example, when using Unread on iOS, I enter the server as `https://example.com/fever/` and provide username and fever-specific password Authentication fails with the error:- ``` UNABLE TO VALIDATE URL Fever API (https://example.com/fever/?api) rejected the request (not found) ``` Any ideas where the mistake could be?
jking commented 4 years ago
Owner

Sounds like an Nginx configuration problem. If you’ve only changed the document root and TT-RSS works, then it may be an error on my part. I’ll do some testing when I have some time.

Sounds like an Nginx configuration problem. If you’ve only changed the document root and TT-RSS works, then it may be an error on my part. I’ll do some testing when I have some time.
jking added the
bug
 label 4 years ago
jking commented 4 years ago
Owner

It appears I had neglected to add the following FastCGI directive to the example Nginx configuration:

fastcgi_param QUERY_STRING $query_string;

Could you try Fever again with that directive added to the location @arsse section and report back whether it works and/or you run into any other trouble?

It appears I had neglected to add the following FastCGI directive to the example Nginx configuration: ``` fastcgi_param QUERY_STRING $query_string; ``` Could you try Fever again with that directive added to the `location @arsse` section and report back whether it works and/or you run into any other trouble?
jking added the
documentation
 label 4 years ago
dgold commented 4 years ago
Poster

Hi,

Thanks for answering.

Unfortunately, that didn't work. Access logs are showing the below:

84.203.0.0 - - [26/Oct/2020:19:51:15 +0000] "GET /fever/?api HTTP/2.0" 405 0 "-" "Unread/109108 CFNetwork/1197 Darwin/20.0.0"
84.203.0.0 - - [26/Oct/2020:19:51:15 +0000] "GET /fever/api/fever.php?api HTTP/2.0" 405 0 "-" "Unread/109108 CFNetwork/1197 Darwin/20.0.0"

It looks like the server is referring the call to /fever/?api
with a redirect to /fever/api/fever.php?api

Is this expected behaviour?

Hi, Thanks for answering. Unfortunately, that didn't work. Access logs are showing the below: ``` 84.203.0.0 - - [26/Oct/2020:19:51:15 +0000] "GET /fever/?api HTTP/2.0" 405 0 "-" "Unread/109108 CFNetwork/1197 Darwin/20.0.0" 84.203.0.0 - - [26/Oct/2020:19:51:15 +0000] "GET /fever/api/fever.php?api HTTP/2.0" 405 0 "-" "Unread/109108 CFNetwork/1197 Darwin/20.0.0" ``` It *looks like* the server is referring the call to `/fever/?api` with a redirect to `/fever/api/fever.php?api` Is this expected behaviour?
jking commented 4 years ago
Owner

It doesn't look like redirection is occurring. Rather, Unread is trying two different URLs (which is good to know: I'll add the alternate).

The Arsse is hypercorrectly responding with 405 since the API is all POST-based and GET requests are technically not allowed.

As far as I know Fever actually responded with 200 and showed its Web UI, and I guess some clients expect this behaviour. If you want to try a quick fix, modify https://code.mensbeam.com/MensBeam/arsse/src/branch/master/lib/REST/Fever/API.php#L98 to read 200 instead of 405. That should get you farther along.

Thanks for your patience with this.

It doesn't look like redirection is occurring. Rather, Unread is trying two different URLs (which is good to know: I'll add the alternate). The Arsse is hypercorrectly responding with 405 since the API is all POST-based and GET requests are technically not allowed. As far as I know Fever actually responded with 200 and showed its Web UI, and I guess some clients expect this behaviour. If you want to try a quick fix, modify https://code.mensbeam.com/MensBeam/arsse/src/branch/master/lib/REST/Fever/API.php#L98 to read `200` instead of `405`. That should get you farther along. Thanks for your patience with this.
dustinwilson commented 4 years ago
Owner

It doesn't seem to be redirecting here. What it looks like to me is that the client is trying to find out which URL to use for the API endpoint. It tries the /fever/?api URL first, and since it returned a 405 error it tried the next one. It is using GET requests for this which is wrong; it should be using HEAD requests for this kind of thing instead. Arsse is returning a 405 error here by design as Fever is supposed to use POST requests.

Maybe we could have Arsse return an HTTP 200 code to get this client to cooperate, @jking?

It doesn't seem to be redirecting here. What it looks like to me is that the client is trying to find out which URL to use for the API endpoint. It tries the `/fever/?api` URL first, and since it returned a 405 error it tried the next one. It is using GET requests for this which is wrong; it should be using HEAD requests for this kind of thing instead. Arsse is returning a 405 error here by design as Fever is supposed to use POST requests. Maybe we could have Arsse return an HTTP 200 code to get this client to cooperate, @jking?
dustinwilson commented 4 years ago
Owner

Oh, you got to it seconds before I did!

Oh, you got to it seconds before I did!
jking commented 4 years ago
Owner

Great minds obviously think alike! I suspect that change will get things working. In the meantime I'll write a somewhat more proper fix.

Great minds obviously think alike! I suspect that change will get things working. In the meantime I'll write a somewhat more proper fix.
dgold commented 4 years ago
Poster

Hi again,

Made that change, still doesn't work, albeit now with a new and exciting error message!

nginx log:-

84.203.0.0 - - [27/Oct/2020:14:10:37 +0000] "GET /fever/?api HTTP/2.0" 200 0 "-" "Unread/109108 CFNetwork/1197 Darwin/20.0.0"
84.203.0.0 - - [27/Oct/2020:14:10:38 +0000] "GET /fever/api/fever.php?api HTTP/2.0" 200 0 "-" "Unread/109108 CFNetwork/1197 Darwin/20.0.0"

Unread Error:

Unable to validate URL

Fever API (http://example.org/fever?api) returned a response with a MIME type of text/html. Unread expected JSON.

EDIT TO ADD:-

The change to 200 did result in Reeder 3 working with thearsse on MacOS. If this is a client issue then there's not a lot I can expect you guys to do about it, but many thanks for your great aggregator and being so supportive here.

Hi again, Made that change, still doesn't work, albeit now with a new and exciting error message! nginx log:- ``` 84.203.0.0 - - [27/Oct/2020:14:10:37 +0000] "GET /fever/?api HTTP/2.0" 200 0 "-" "Unread/109108 CFNetwork/1197 Darwin/20.0.0" 84.203.0.0 - - [27/Oct/2020:14:10:38 +0000] "GET /fever/api/fever.php?api HTTP/2.0" 200 0 "-" "Unread/109108 CFNetwork/1197 Darwin/20.0.0" ``` Unread Error: Unable to validate URL Fever API (http://example.org/fever?api) returned a response with a MIME type of text/html. Unread expected JSON. **EDIT TO ADD:-** The change to 200 _did_ result in Reeder 3 working with thearsse on MacOS. If this is a client issue then there's not a lot I can expect you guys to do about it, but many thanks for your great aggregator and being so supportive here.
jking commented 4 years ago
Owner

I wish I had an iOS device to test for myself, but it looks like Unread is grossly misbehaving by sending its requests with GET rather than POST. While Unread is definitely at fault here, it probably worked in Fever, so I'll allow it. Expect a fixed release soon!

I wish I had an iOS device to test for myself, but it looks like Unread is grossly misbehaving by sending its requests with GET rather than POST. While Unread is definitely at fault here, it probably worked in Fever, so I'll allow it. Expect a fixed release soon!
jking commented 4 years ago
Owner

I've published a new release which should work with Unread (I hope). It will also work with NewsFlash, which I discovered this morning didn't work, either, though for a different reason. With any luck you won't have to quote any more error messages! ;)

I've published a new release which should work with Unread (I hope). It will also work with NewsFlash, which I discovered this morning didn't work, either, though for a different reason. With any luck you won't have to quote any more error messages! ;)
👍 1 🎉 2
dgold commented 4 years ago
Poster

... and it works!

Thanks so much @jking, I'm going to mark this closed.

... and it works! Thanks so much @jking, I'm going to mark this closed.
👍 1
dgold closed this issue 4 years ago
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
arch
arch2
dbtest
getopt
master
microsub
phake
reader
redup
rpm
Labels
Apply labels
Clear labels
admin tools api bug documentation duplicate enhancement feature help wanted in progress internals invalid packaging question testing trivial wontfix
No Label admin tools api bug documentation duplicate enhancement feature help wanted in progress internals invalid packaging question testing trivial wontfix
Milestone
Set milestone
Clear milestone
No items
No Milestone
Assignees
Assign users
Clear assignees
No Assignees
3 Participants
Notifications
Due Date

No due date set.

Dependencies

This issue currently doesn't have any dependencies.

Write Preview
Loading…
Cancel
Save
There is no content yet.
Delete Branch '%!s(MISSING)'

Deleting a branch is permanent. It CANNOT be undone. Continue?

No
Yes