Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

Previous information stored breaks login ? #522

mart-e opened this Issue Mar 31, 2013 · 6 comments


None yet
4 participants

mart-e commented Mar 31, 2013

I made a few tests on my pump instance : self-hosted at home, http proxy with varnish on a debian server, etc. Now I have something +/- stable (direct https, 302 redirection using varnish if tries on port 80) but I notice that, with the instances I tried to interact during my tests, I can not login anymore. My guess is there is some previous connection information stored that breaks the login.

There is no problem with pumpyourself.com, pumpity.net, pumpbuddy.us or pumprock.net but with fmrl.me it fails with a white screen containing only

Error: No content type
    at Function.Credentials.register (/opt/pump.io/lib/model/credentials.js:165:23)
    at next (/opt/pump.io/node_modules/step/lib/step.js:51:23)
    at IncomingMessage.DialbackClient.post (/opt/pump.io/node_modules/dialback-client/lib/dialbackclient.js:208:21)
    at IncomingMessage.EventEmitter.emit (events.js:126:20)
    at IncomingMessage._emitEnd (http.js:366:10)
    at HTTPParser.parserOnMessageComplete [as onMessageComplete] (http.js:149:23)
    at Socket.socketOnEnd [as onend] (http.js:1474:12)
    at TCP.onread (net.js:419:26)

And I don't even see a connection probe in my logs (trying on old ip ?) Also on microca.st, it fails with the following error in my logs :

[2013-03-31T16:51:58.102Z]  INFO: pump.io/web/10829 on mart:  (req_id=d11771c8-d62e-457c-9066-05318fc8585e, req.remoteAddress=, req.remotePort=53080)
    POST / HTTP/1.1
    authorization: OAuth oauth_consumer_key="ExRRqovLzIuf8r7CcnotZQ",oauth_nonce="3EpX8QoXpU9CYr8IAUE9LyioINgpyVTT",oauth_signature_method="HMAC-SHA1",oauth_timestamp="1364748716",oauth_version="1.0",oauth_signature="LIsfrYsvoJRDBM4cc2kA6dJSBwQ%3D"
    host: pump.mart-e.be
    user-agent: pump.io/0.2.2-alpha.1
    content-length: 0
    content-type: application/x-www-form-urlencoded
    connection: keep-alive
    HTTP/1.1 400 Bad Request
    X-Powered-By: Express
    Server: pump.io/0.3.0-alpha.1 express/2.5.11 node.js/v0.8.15
    Content-Type: text/plain
    Date: Sun, 31 Mar 2013 16:51:58 GMT
    Connection: keep-alive
    Transfer-Encoding: chunked
    client: {
      "title": "<none>"

I guess that all these instances are using the same configuration (hosted by you, right ?), so the only difference I see it the fact I tried to follow people on this instance before.

mart-e commented Mar 31, 2013

The problem seems to be the same with pump2status. I succeeded connecting when I had my instance on port 80 but now that I have switched to SSL, I have got :

500 Error: Missing required parameter
at exports.handleLogin (/opt/pump2status/routes/index.js:82:22)
at async.waterfall.wrapIterator (/opt/pump2status/node_modules/async/lib/async.js:428:21)
at exports.OAuth.getOAuthRequestToken (/opt/pump2status/node_modules/oauth/lib/oauth.js:518:17)
at passBackControl (/opt/pump2status/node_modules/oauth/lib/oauth.js:374:13)
at IncomingMessage.exports.OAuth._performSecureRequest.request.on.callbackCalled (/opt/pump2status/node_modules/oauth/lib/oauth.js:386:9)
at IncomingMessage.EventEmitter.emit (events.js:126:20)
at IncomingMessage._emitEnd (http.js:366:10)
at HTTPParser.parserOnMessageComplete [as onMessageComplete] (http.js:149:23)
at CleartextStream.socketOnData [as ondata] (http.js:1472:20)
at CleartextStream.CryptoStream._push (tls.js:544:27)

evanp commented Apr 1, 2013

Most of these services store remote URLs by hostname according to how they got them first.

They also don't honour redirects for OAuth processes (like login).

I'll see what I can do to fix it, but it's going to be a few days.

I am with the same problem.. I changed the port, the db from redis to mongodb to redis again only to test and so.
Now i can only add people that i never added to my instance.
BTW, i think it could be a way revoking the bad (and old) credentials and authorize it again.


evanp commented Jun 29, 2013

@tioeze so, we might be able to make this work. Can you ping me on IRC?

mart-e commented Jun 29, 2013

It would be cool to have a migrate activity. Something like :

   'migrate': {
      'from: { ... }
      'to': { ... }

edit: Actually migration would be better for individual changing of instance (which could be useful to). Here, as we are talking at instance level, it should be different. Maybe revoking old URL hostnames would be better.

yvolk commented Aug 20, 2013

I also got the "Missing required parameter" response while calling "whoami" API at pump.io and found this discussion.
I figured out that the problem was indeed due to "Previous information stored breaks login" BUT it was MY client application (AndStatus Android application, see https://github.com/andstatus/andstatus) which failed to clear old information. I fixed it and now I can successfully make the authenticated request to pump.io site.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment