Jump to content
mholgate

Cannot authenticate

Recommended Posts

mholgate

I am trying to programatically get the server Library to rescan.

 

This used to work using a simple curl command couple months ago, but I understand that additional token-based security has been added, according to http://mediabrowser.tv/community/index.php?/topic/72-user-authentication/ 

 

I am trying to follow the instructions to authenticate as per the first step in https://github.com/MediaBrowser/MediaBrowser/wiki/Authentication but to no avail.

 

I have tried a variety of curl commands, similar to this (note: I do not have a password set):
curl -d 'Authorization=MediaBrowser UserId="0d2c22c2debe62c66cc552b00adbfad4", Client="iOS", Device="iPhone", DeviceId="8912f03b961d76e736637d5d6014a586406de64c", Version="1.0.0.0"' -d "username=Foo" --dump-header headers http://192.168.0.30:8096/mediabrowser/Users/AuthenticateByName

but the error I receive is:

HTTP/1.1 500 NullReferenceException
Transfer-Encoding: chunked
Content-Type: text/html
Vary: Accept
Server: Microsoft-HTTPAPI/2.0
X-UA-Compatible: IE=Edge
X-Application-Error-Code: Object reference not set to an instance of an object.
X-Powered-By: ServiceStack/4.00 Win32NT/.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Content-Type, Authorization, Range, X-MediaBrowser-Token

Please help!  

I know that the username (and empty pass) step I've entered is successfully, because if I deliberately enter it incorrectly I get a difference error ("Invalid username or password entered").

 

 

 

Share this post


Link to post
Share on other sites
mholgate

Does no one know how to use Users/AuthenticateByName?

Share this post


Link to post
Share on other sites
Luke

Why don't you check github because our apiclient libraries have examples. And you can look at the web client source code

Share this post


Link to post
Share on other sites
mholgate

So I figured out the problem to "Object reference not set to an instance of an object"... 

 

Even though my password was empty, I still needed to Sha1 it!

 

I can now authenticate and receive the token to perform subsequent commands.

Share this post


Link to post
Share on other sites
mholgate

For those that are interested, here's my solution using PHP Curl, mentioned above.

 

It performs Authorization then uses that returned token to perform an automated Library Scan. Just host it on your server, and tweak the values appropriately for your ip, etc...

 

Note: It can also be adapted for use with command-line Curl.

<?php

//DEFINE VARIABLES
$clientName = "myname"; //a new unique name I just made up
$deviceName = "whateveryouwant"; //a new unique name I just made up
$deviceId = "10a1a7529622266339be4b21adc06810"; //a new unique id I just made up
$applicationVersion = "1.0.0"; //version number I just made up

$username = ""; //taken from the NAME column in http://myip:myport/mediabrowser/Users/Public
$password = "";
$ip = "";
$port = "";
$currentUserId = ""; //taken from the ID column in http://myip:myport/mediabrowser/Users/Public
$accessToken = "";

if (htmlspecialchars($_GET["username"])) {
	$username = $_GET["username"];
	if (htmlspecialchars($_GET["password"])) {
		$password = $_GET["password"];
	}
} else {
	echo "missing USERNAME and PASSWORD values<br><br>";
	echo "e.g...<br>";
	echo "  thisphpfile.php?username=Fred&password=mypass";
	break;
}
if (htmlspecialchars($_GET["ip"]) && htmlspecialchars($_GET["port"])) {
	$ip = $_GET["ip"];
	$port = $_GET["port"];
} else {
	echo "missing IP and PORT values<br><br>";
	echo "e.g...<br>";
	echo "  thisphpfile.php?ip=192.168.0.10&port=8096";
	break;
}
if (htmlspecialchars($_GET["currentUserId"])) {
	$currentUserId = $_GET["currentUserId"];
} else {
	echo "missing currentUserId value<br><br>";
	echo "e.g...<br>";
	echo "  thisphpfile.php?currentUserId=0d2c22c2debe61c66cc552b00adbfa10";
	echo "you can find this value in the ID column in http://myip:myport/mediabrowser/Users/Public";
	break;
}

//Stage 1...
$host = "http://".$ip.":".$port;
$path = "/mediabrowser/Users/AuthenticateByName";
$host = $host . $path;

function prepareUsernameAndPassword($username, $password) {
	$password = sha1($password, false);

	$postData = array(
	    "Username" => $username,
	    "password" => $password
	);
	//var_dump($postData);
	$postData = json_encode($postData);
	//echo " <br><br>";
	//echo "JSON.stringified postData = " . $postData;
	//echo " <br><br>";
	return ($postData);
}
$postData = prepareUsernameAndPassword($username, $password);

function prepareHeaders($accessToken, $postData) {
	$authString = 'MediaBrowser Client="' . $clientName . '", Device="' . $deviceName . '", DeviceId="' . $deviceId . '", Version="' . $applicationVersion . '", UserId="' . $currentUserId . '"';

	if ($accessToken) {
		    //echo "Step2";
		$headers = array(
		    'Content-Type: application/json',
		    'Authorization: ' . $authString,
		    'Content-Length: ' . strlen($postData),
			'X-MediaBrowser-Token: '. $accessToken 
		);
	} else {
		    //echo "Step1";
		$headers = array(
		    'Content-Type: application/json',
		    'Authorization: ' . $authString,
		    'Content-Length: ' . strlen($postData),
		);
	}
	return ($headers);
}
$headers = prepareHeaders(null, $postData);

function getURL($host, $headers, $postData) {
	$process = curl_init($host);
	curl_setopt($process, CURLOPT_HEADER, FALSE); //don't output header info
	curl_setopt($process, CURLOPT_HTTPHEADER, $headers);
	curl_setopt($process, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); //CURLAUTH_BASIC or CURLAUTH_NTLM
	//curl_setopt($process, CURLOPT_USERPWD, $username . ":" . $password);
	curl_setopt($process, CURLOPT_TIMEOUT, 30);
	curl_setopt($process, CURLOPT_FOLLOWLOCATION, TRUE);
	curl_setopt($process, CURLOPT_RETURNTRANSFER, TRUE);
	curl_setopt($process, CURLOPT_POSTFIELDS, $postData);
	curl_setopt($process, CURLOPT_POST, TRUE);
	$return = curl_exec($process);
	curl_close($process);

	//echo '<pre>';
	//print_r($return);
	//echo  '</pre>';
	return ($return);
}
$return = getURL($host, $headers, $postData); //authorize, to get access token


function extractAccessToken($return) {
	//function that returns part of string after specified sub-string
	function strafter($string, $substring) {
	  $pos = strpos($string, $substring);
	  if ($pos === false)
	   return $string;
	  else 
	   return(substr($string, $pos+strlen($substring)));
	}
	//function that returns part of string before specified sub-string
	function strbefore($string, $substring) {
	  $pos = strpos($string, $substring);
	  if ($pos === false)
	   return $string;
	  else 
	   return(substr($string, 0, $pos));
	}
	$accessToken = strafter($return,'AccessToken":"');
	$accessToken = strbefore($accessToken,'"');
	return ($accessToken);

}
$accessToken = extractAccessToken($return);

if ($accessToken) {
	echo "got AccessToken: ".$accessToken;
} else {
	break;
}

//got AccessToken
//Stage 2, perform Library Scan...
$headers = prepareHeaders($accessToken, $postData);

$host = "http://".$ip.":".$port;
$path = "/mediabrowser/ScheduledTasks/Running/2d67d886717cdade18d9640d4ebbb9cb";
$host = $host . $path;

$return = getURL($host, $headers, $postData); //perform command above


echo "<br>";
echo "Script finished";
?> 

and then you just need to execute it by entering the following in your browser:

http://myIpandPort/mediabrowser_startLibraryScan.php?username=Fred&ip=myip&port=myport&currentUserId=0d2c22c2debe61c66cc552b00adbfa10
or, for instance, for a linux shell script:
curl --data "" http://myIpandPort/mediabrowser_startLibraryScan.php\?username=Fred\&ip=myip\&port=myport\&currentUserId=0d2c22c2debe61c66cc552b00adbfa10
  • Like 1

Share this post


Link to post
Share on other sites
Luke

Well done

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...