+ characters in d cookie value

[pican79]

Hi,
I've just discovered that if the d cookie value contains 1 (or more) + character, I always get the invalid_auth error when I use the manual authentication.
NB: my Slack workspace uses SSO.
To avoid that problem, I have to urlencode the character, ie replace + by %2B.

If I'm right, do you think it's something that could be documented here?
https://github.com/rusq/slackdump/blob/master/doc/login-manual.rst

I almost went crazy when slackdump (v2.0.0-beta.2) stopped working all of a sudden.
Thanks.

[rusq]

Hey @pican79, thanks for noting this, yeah, documenting is one of the possible approaches, but I think I'll add the urlencode into the auth flow, that seems like a better solution usability-wise.

Also, if you're using beta.2 and was having trouble using EZ-Login 3000 - there's an issue where it does not like older type tokens, that might prevent it from working - see the diff between versions:
v2.0.0-beta.2...v2.0.0-rc

[rusq]

I'm testing it on my test slack instance, and when getting the data manually from the browser, I can see that the cookie is already URLencoded, i.e. xoxd=<...>%2B5LcGPkDLjdIFH3Y<...>wV0HjPh%2B9qklb5Ow%2BIdMF%2BJgnkOA23aFHaYacA3QTiOJLJKjnfEyHl9QG

So under normal conditions, if the instructions in the manual are followed, one shouldn't get the url-illegal characters.

How did you get the cookie value so that it had the '+' sign?

[pican79]

I use Firefox, which doesn't have an Application tab like Chrome.
So I got the cookie value by selecting the channels.prefs.get? request in the Network tab and clicking the Cookies pane on the right side.
There, the cookie value isn't urlencoded.

However, if I use the Storage tab and select Cookies on the left side, the cookie value is urlencoded.

[rusq]

I see, thanks! I’ve implemented the fix, that tries and detects if the Cookie contains url unsafe chars and encodes it, so this shouldn’t be an issue anymore.

On Fri, 27 May 2022 at 20:17, pican79 ***@***.***> wrote: I use Firefox, which doesn't have an Application tab like Chrome. So I got the cookie value by selecting the channels.prefs.get? request in the Network tab and clicking the Cookies pane on the right side. There, the cookie value isn't urlencoded. However, if I use the Storage tab and select Cookies on the left side, the cookie value is urlencoded. — Reply to this email directly, view it on GitHub <#65 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AD2R7HQ3Y3Q6DAJW75T6E7TVMCOK3ANCNFSM5W6Z3WYQ> . You are receiving this because you commented.Message ID: ***@***.***>

-- Kind regards, Rustam Gilyazov

[pican79]

Thanks for the fix. I validated it with the v2.0.0-rc.2 release.