New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix reauthentication #1

Open
wants to merge 1 commit into
base: master
from

Conversation

Projects
None yet
2 participants
@kauffecup

kauffecup commented Mar 21, 2017

First off, thanks so much for this package! I started going down this road and then found this and it works great!

The authorize account endpoint is always https://api.backblazeb2.com/b2api/v1/b2_authorize_account, and won't use the api endpoint returned from the auth request (something like https://api001.backblazeb2.com/b2_authorize_account). Thus, this should reference conf.apiUrl instead of this.apiUrl (which is set during authentication). The first auth request works because this value is initialized as conf.apiUrl.

This change allows you to call authorize multiple times and have it regenerate the auth token successfully

Fix reauthentication
First off, thanks so much for this package! I started going down this road and then found this and it works great!

The authorize account endpoint is always `https://api.backblazeb2.com/b2api/v1/b2_authorize_account`, and won't use the api endpoint returned from the auth request (something like `https://api001.backblazeb2.com/b2_authorize_account`). Thus, this should reference `conf.apiUrl` instead of `this.apiUrl` (which is set during authentication). The first auth request works because this value is initialized as `conf.apiUrl`.

This change allows you to call `authorize` multiple times and have it regenerate the auth token successfully
@kauffecup

This comment has been minimized.

Show comment
Hide comment
@kauffecup

kauffecup Mar 21, 2017

My server is running indefinitely, meaning that the auth token will inevitably expire at some point. According to the backblaze docs, when this 401 expired token happens, it's best to send a re-authentication request:

The rest of the error codes described below can be returned from any B2 API.
401 Unauthorized. Returned while uploading, indicates the upload URL has expired; A new upload URL can be obtained from b2_get_upload_url or b2_get_upload_part_url. Returned from b2_authorize_account, indicates the account ID is wrong, the account does not have B2 enabled, or the application key is not valid. For all other APIs, a 401 indicates the Authorization token, originally returned from b2_authorize_account is no longer valid. If your process or application is long running, you should cache the B2 application id and key. When this error occurs, simply fetch a new authorization token and retry the previous command. To test your code, add a X-Bz-Test-Mode: expire_some_account_authorization_tokens header. This will cause account authorization tokens to expire frequently, allowing you to verify that your code correctly re-establishes authorization.
https://www.backblaze.com/b2/docs/integration_checklist.html

kauffecup commented Mar 21, 2017

My server is running indefinitely, meaning that the auth token will inevitably expire at some point. According to the backblaze docs, when this 401 expired token happens, it's best to send a re-authentication request:

The rest of the error codes described below can be returned from any B2 API.
401 Unauthorized. Returned while uploading, indicates the upload URL has expired; A new upload URL can be obtained from b2_get_upload_url or b2_get_upload_part_url. Returned from b2_authorize_account, indicates the account ID is wrong, the account does not have B2 enabled, or the application key is not valid. For all other APIs, a 401 indicates the Authorization token, originally returned from b2_authorize_account is no longer valid. If your process or application is long running, you should cache the B2 application id and key. When this error occurs, simply fetch a new authorization token and retry the previous command. To test your code, add a X-Bz-Test-Mode: expire_some_account_authorization_tokens header. This will cause account authorization tokens to expire frequently, allowing you to verify that your code correctly re-establishes authorization.
https://www.backblaze.com/b2/docs/integration_checklist.html

@cebollia

This comment has been minimized.

Show comment
Hide comment
@cebollia

cebollia Mar 21, 2017

Owner

Your pull request was actually an unfinished thought on re-authentication of an expired token. I'll find some time in the next couple weeks to fully implement it, and remove the requirement to run authorize().

Glad you found use out of it, thanks!

Owner

cebollia commented Mar 21, 2017

Your pull request was actually an unfinished thought on re-authentication of an expired token. I'll find some time in the next couple weeks to fully implement it, and remove the requirement to run authorize().

Glad you found use out of it, thanks!

@kauffecup

This comment has been minimized.

Show comment
Hide comment
@kauffecup

kauffecup Mar 22, 2017

yeah I debated even opening it for that reason, but figured it would be a good medium to reach out to you regardless haha

kauffecup commented Mar 22, 2017

yeah I debated even opening it for that reason, but figured it would be a good medium to reach out to you regardless haha

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment