Jump to content

Cannot authenticate


mholgate
 Share

Recommended Posts

mholgate

I am trying to programatically get the server Library to rescan.

 

This used to work using a simple curl command couple months ago, but I understand that additional token-based security has been added, according to http://mediabrowser.tv/community/index.php?/topic/72-user-authentication/ 

 

I am trying to follow the instructions to authenticate as per the first step in https://github.com/MediaBrowser/MediaBrowser/wiki/Authentication but to no avail.

 

I have tried a variety of curl commands, similar to this (note: I do not have a password set):
curl -d 'Authorization=MediaBrowser UserId="0d2c22c2debe62c66cc552b00adbfad4", Client="iOS", Device="iPhone", DeviceId="8912f03b961d76e736637d5d6014a586406de64c", Version="1.0.0.0"' -d "username=Foo" --dump-header headers http://192.168.0.30:8096/mediabrowser/Users/AuthenticateByName

but the error I receive is:

HTTP/1.1 500 NullReferenceException
Transfer-Encoding: chunked
Content-Type: text/html
Vary: Accept
Server: Microsoft-HTTPAPI/2.0
X-UA-Compatible: IE=Edge
X-Application-Error-Code: Object reference not set to an instance of an object.
X-Powered-By: ServiceStack/4.00 Win32NT/.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Content-Type, Authorization, Range, X-MediaBrowser-Token

Please help!  

I know that the username (and empty pass) step I've entered is successfully, because if I deliberately enter it incorrectly I get a difference error ("Invalid username or password entered").

 

 

 

Link to comment
Share on other sites

Why don't you check github because our apiclient libraries have examples. And you can look at the web client source code

Link to comment
Share on other sites

mholgate

So I figured out the problem to "Object reference not set to an instance of an object"... 

 

Even though my password was empty, I still needed to Sha1 it!

 

I can now authenticate and receive the token to perform subsequent commands.

Link to comment
Share on other sites

mholgate

For those that are interested, here's my solution using PHP Curl, mentioned above.

 

It performs Authorization then uses that returned token to perform an automated Library Scan. Just host it on your server, and tweak the values appropriately for your ip, etc...

 

Note: It can also be adapted for use with command-line Curl.

<?php

//DEFINE VARIABLES
$clientName = "myname"; //a new unique name I just made up
$deviceName = "whateveryouwant"; //a new unique name I just made up
$deviceId = "10a1a7529622266339be4b21adc06810"; //a new unique id I just made up
$applicationVersion = "1.0.0"; //version number I just made up

$username = ""; //taken from the NAME column in http://myip:myport/mediabrowser/Users/Public
$password = "";
$ip = "";
$port = "";
$currentUserId = ""; //taken from the ID column in http://myip:myport/mediabrowser/Users/Public
$accessToken = "";

if (htmlspecialchars($_GET["username"])) {
	$username = $_GET["username"];
	if (htmlspecialchars($_GET["password"])) {
		$password = $_GET["password"];
	}
} else {
	echo "missing USERNAME and PASSWORD values<br><br>";
	echo "e.g...<br>";
	echo "  thisphpfile.php?username=Fred&password=mypass";
	break;
}
if (htmlspecialchars($_GET["ip"]) && htmlspecialchars($_GET["port"])) {
	$ip = $_GET["ip"];
	$port = $_GET["port"];
} else {
	echo "missing IP and PORT values<br><br>";
	echo "e.g...<br>";
	echo "  thisphpfile.php?ip=192.168.0.10&port=8096";
	break;
}
if (htmlspecialchars($_GET["currentUserId"])) {
	$currentUserId = $_GET["currentUserId"];
} else {
	echo "missing currentUserId value<br><br>";
	echo "e.g...<br>";
	echo "  thisphpfile.php?currentUserId=0d2c22c2debe61c66cc552b00adbfa10";
	echo "you can find this value in the ID column in http://myip:myport/mediabrowser/Users/Public";
	break;
}

//Stage 1...
$host = "http://".$ip.":".$port;
$path = "/mediabrowser/Users/AuthenticateByName";
$host = $host . $path;

function prepareUsernameAndPassword($username, $password) {
	$password = sha1($password, false);

	$postData = array(
	    "Username" => $username,
	    "password" => $password
	);
	//var_dump($postData);
	$postData = json_encode($postData);
	//echo " <br><br>";
	//echo "JSON.stringified postData = " . $postData;
	//echo " <br><br>";
	return ($postData);
}
$postData = prepareUsernameAndPassword($username, $password);

function prepareHeaders($accessToken, $postData) {
	$authString = 'MediaBrowser Client="' . $clientName . '", Device="' . $deviceName . '", DeviceId="' . $deviceId . '", Version="' . $applicationVersion . '", UserId="' . $currentUserId . '"';

	if ($accessToken) {
		    //echo "Step2";
		$headers = array(
		    'Content-Type: application/json',
		    'Authorization: ' . $authString,
		    'Content-Length: ' . strlen($postData),
			'X-MediaBrowser-Token: '. $accessToken 
		);
	} else {
		    //echo "Step1";
		$headers = array(
		    'Content-Type: application/json',
		    'Authorization: ' . $authString,
		    'Content-Length: ' . strlen($postData),
		);
	}
	return ($headers);
}
$headers = prepareHeaders(null, $postData);

function getURL($host, $headers, $postData) {
	$process = curl_init($host);
	curl_setopt($process, CURLOPT_HEADER, FALSE); //don't output header info
	curl_setopt($process, CURLOPT_HTTPHEADER, $headers);
	curl_setopt($process, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); //CURLAUTH_BASIC or CURLAUTH_NTLM
	//curl_setopt($process, CURLOPT_USERPWD, $username . ":" . $password);
	curl_setopt($process, CURLOPT_TIMEOUT, 30);
	curl_setopt($process, CURLOPT_FOLLOWLOCATION, TRUE);
	curl_setopt($process, CURLOPT_RETURNTRANSFER, TRUE);
	curl_setopt($process, CURLOPT_POSTFIELDS, $postData);
	curl_setopt($process, CURLOPT_POST, TRUE);
	$return = curl_exec($process);
	curl_close($process);

	//echo '<pre>';
	//print_r($return);
	//echo  '</pre>';
	return ($return);
}
$return = getURL($host, $headers, $postData); //authorize, to get access token


function extractAccessToken($return) {
	//function that returns part of string after specified sub-string
	function strafter($string, $substring) {
	  $pos = strpos($string, $substring);
	  if ($pos === false)
	   return $string;
	  else 
	   return(substr($string, $pos+strlen($substring)));
	}
	//function that returns part of string before specified sub-string
	function strbefore($string, $substring) {
	  $pos = strpos($string, $substring);
	  if ($pos === false)
	   return $string;
	  else 
	   return(substr($string, 0, $pos));
	}
	$accessToken = strafter($return,'AccessToken":"');
	$accessToken = strbefore($accessToken,'"');
	return ($accessToken);

}
$accessToken = extractAccessToken($return);

if ($accessToken) {
	echo "got AccessToken: ".$accessToken;
} else {
	break;
}

//got AccessToken
//Stage 2, perform Library Scan...
$headers = prepareHeaders($accessToken, $postData);

$host = "http://".$ip.":".$port;
$path = "/mediabrowser/ScheduledTasks/Running/2d67d886717cdade18d9640d4ebbb9cb";
$host = $host . $path;

$return = getURL($host, $headers, $postData); //perform command above


echo "<br>";
echo "Script finished";
?> 

and then you just need to execute it by entering the following in your browser:

http://myIpandPort/mediabrowser_startLibraryScan.php?username=Fred&ip=myip&port=myport&currentUserId=0d2c22c2debe61c66cc552b00adbfa10
or, for instance, for a linux shell script:
curl --data "" http://myIpandPort/mediabrowser_startLibraryScan.php\?username=Fred\&ip=myip\&port=myport\&currentUserId=0d2c22c2debe61c66cc552b00adbfa10
  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...