New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Impossible to authenticate on forked webservers #18
Comments
Just for the record, here's the full stacktrace of the error:
|
You need to re-seed the PRNG in each forked process. That's important not only for Net::Twitter::Lite, but for any module using the PRNG. See |
It didn't work, sorry. I was already doing the srand trick to seed the PRNG on every process separately. I just tested my srand trick, and saw that it was done properly. Each process produces different random numbers right after the fork. But I'm still getting the "Missing required parameter 'token'" error. Is the code I showed above correct? |
Video of the problem: https://drive.google.com/file/d/0B2F1LOVF-47ZYTJnQkpOYzVvVjg/edit?usp=sharing |
Actually, the video shows I have a different problem now than the one I had before:
Let me investigate further... |
Now I get the same old error again (Missing required parameter 'token') Does this line from the stacktrace seem correct to you?
It's got 'token' and 'token_secret' undefined. Is that correct? Maybe those parameters should be completely missing? |
I'll do some console tests when I get home. |
The |
I ran a minimal simulation script in the console, and think that there has got to be a bug somewhere, either in N::T::L, or in one of its dependencies or Net::OAuth. Here's my script: #!/usr/bin/perl
use v5.18;
use warnings;
use PConf::Private;
use Net::Twitter::Lite::WithAPIv1_1;
my $pconf = \%PConf::Private::conf;
sub _nt {
return Net::Twitter::Lite::WithAPIv1_1->new(
ssl => 1,
%{ $pconf->{'twitter'} },
);
}
say _nt->get_authentication_url(callback => 'http://local.perlmodules.net/');
print "\nEnter verifier: ";
chomp(my $verifier = <STDIN>);
_nt->request_access_token(verifier => $verifier); I run this script, visit the produced URL with my browser, click on "Accept" when at the Twitter authentication screen, then see the "verifier" GET param in my browser's URL bar, copy & paste that into my script when asked. The script above produces an error, because (just like the forking server) it does not use the exact same Net::Twitter::Lite object in both sub _nt {
state $nt = Net::Twitter::Lite::WithAPIv1_1->new(
ssl => 1,
%{ $pconf->{'twitter'} },
);
} (Replace What do you think of that? Does the program behave in the same way on your computer? What does this mean? I have the freshest perl modules installed ( |
After you call |
Thank you very much, I'll try that. It's surprising though that your example here does not mention that: https://metacpan.org/source/MMIMS/Net-Twitter-Lite-0.12006/examples/oauth_webapp.pl |
Also, since I don't have sessions for unauthenticated users, is it secure if I save the |
Scrap my last question, I found a better way - Twitter gives me the request token again, so I just save the token_secret server side, under key = |
Thanks, that did the trick. I included Before we close this ticket, I think it would be a good idea to save those parameters in the example as well (as browser cookies, or session data, or whatever), and also maybe mention that Thanks a lot again. |
I'm using the Mojolicious framework, with its Hypnotoad server.
When there's only one server process, authentication goes smoothly. When there are 10 server processes running, authentication fails. See below the code I wrote for the two twitter pages (initial page, and callback page):
Both with 1 process and with 10 processes running, I am correctly redirected to twitter's auth url, where I click "Yes" and get redirected to my twitter2 (callback) page.
But whereas with 1 process I get the twitter2 page saying "happy", when there are 10 processes the twitter2 page execution dies, with this error:
This looks like it happens because Net::Twitter::Lite requires the visitor to revisit the same webserver process when he returns from Twitter.com's authentication page.
If that is the case, then it seems like a bug of
Net::Twitter::Lite
, because there is no way to direct the user to exactly the same process.Am I doing something wrong here?
The text was updated successfully, but these errors were encountered: