[Bug]: log in to self-hosted Browsertrix fails due to the wrong content type #283

Closed
annappropriate opened this issue Dec 16, 2024 · 3 comments · Fixed by #291
Labels
bug Something isn't working

Comments

@annappropriate

ArchiveWeb.page Version

0.14.1

What did you expect to happen? What happened instead?

I have a self-hosted Browsertrix instance set up, and I would like to connect the ArchiveWeb.page extension to it. I can successfully log in via the Browsertrix web interface.

Here is a curl command one can obtain from the web UI login process, which runs successfully:

$ curl 'https://MY_DOMAIN/api/auth/jwt/login' \
                          -H 'Accept: */*' \
                          -H 'Accept-Language: en-US,en;q=0.9,uk;q=0.8' \
                          -H 'Connection: keep-alive' \
                          -H 'Content-Type: application/x-www-form-urlencoded' \
                          -H 'Origin: https://MY_DOMAIN' \
                          -H 'Referer: https://MY_DOMAIN/log-in' \
                          -H 'Sec-Fetch-Dest: empty' \
                          -H 'Sec-Fetch-Mode: cors' \
                          -H 'Sec-Fetch-Site: same-origin' \
                          -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36' \
                          -H 'sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"' \
                          -H 'sec-ch-ua-mobile: ?0' \
                          -H 'sec-ch-ua-platform: "Linux"' \
                          --data-raw 'grant_type=password&username=USER%40EMAIL.com&password=PASSWORD' \
                          --insecure | jq .
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   582  100   489  100    93    997    189 --:--:-- --:--:-- --:--:--  1187
{
  "access_token": "x",
  "token_type": "bearer",
  "user_info": {
    "id": "x",
    "name": "Anna",
    "email": "USER@EMAIL.com",
    "is_superuser": true,
    "is_verified": false,
    "orgs": [
      {
        "id": "x",
        "name": "x",
        "slug": "x",
        "default": true,
        "role": 100
      }
    ]
  }
}

And here is what's sent from the extension:

$ curl 'https://MY_DOMAIN/api/auth/jwt/login' \
               -H 'sec-ch-ua-platform: "Linux"' \
               -H 'Referer;' \
               -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36' \
               -H 'Accept: */*' \
               -H 'sec-ch-ua: "Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"' \
               -H 'Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryEFdE41prJFPvcemD' \
               -H 'sec-ch-ua-mobile: ?0' \
               --data-raw $'------WebKitFormBoundaryEFdE41prJFPvcemD\r\nContent-Disposition: form-data; name="username"\r\n\r\nUSER@EMAIL.com\r\n------WebKitFormBoundaryEFdE41prJFPvcemD\r\nContent-Disposition: form-data; name="password"\r\n\r\nPASSWORD\r\n------WebKitFormBoundaryEFdE41prJFPvcemD--\r\n' | jq .
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   579  100   274  100   305   1786   1988 --:--:-- --:--:-- --:--:--  3784
{
  "detail": [
    {
      "type": "missing",
      "loc": [
        "body",
        "username"
      ],
      "msg": "Field required",
      "input": null,
      "url": "https://errors.pydantic.dev/2.8/v/missing"
    },
    {
      "type": "missing",
      "loc": [
        "body",
        "password"
      ],
      "msg": "Field required",
      "input": null,
      "url": "https://errors.pydantic.dev/2.8/v/missing"
    }
  ]
}

The issue seems to be in the different content types and payloads. According to the API spec, application/x-www-form-urlencoded is the correct content type: https://docs.browsertrix.com/api/#tag/auth/operation/login_api_auth_jwt_login_post

Could you please fix the login field to use the correct content type?

Step-by-step reproduction instructions

  1. Go to the extension settings
  2. Navigate to settings -> Browsertrix tab
  3. Fill in custom server URL, login and password
  4. Click "Save"

Additional details

No response

@annappropriate annappropriate added the bug Something isn't working label Dec 16, 2024
@ikreymer
Member

Thanks for the detailed repro! I can confirm that it's using multipart form uploads, but strangely for me, the login is succeeding with multipart form data. Are you deploying on localhost? k8s cluster? Are you using an ingress or just connecting directly?

@ikreymer
Member

Though I couldn't repro the issue, verified it's now using application/x-www-form-urlencoded for logins in 0.14.2

@annappropriate
Author

It's on VPS in microk8s. I'll test the fix, thanks!
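
An added illustration of the content-type difference discussed in this thread (not code from ArchiveWeb.page or Browsertrix): with the Fetch API the body object decides the Content-Type, so a `FormData` body produces a multipart request like the second capture, while a `URLSearchParams` body produces the `application/x-www-form-urlencoded` request from the first. The host name and all function names are placeholders; it assumes a runtime with global `Request` and `FormData` (browsers, Node 18+).

```javascript
// Constructed placeholder host; the path is the login endpoint from the issue.
const LOGIN_URL = "https://browsertrix.example/api/auth/jwt/login";
// Content type the issue quotes from the API spec for this endpoint.
const EXPECTED_TYPE = "application/x-www-form-urlencoded";

// FormData body: the runtime serializes it as multipart/form-data and
// generates the boundary itself, as in the failing capture.
function buildMultipartLogin(username, password) {
  const body = new FormData();
  body.append("username", username);
  body.append("password", password);
  return new Request(LOGIN_URL, { method: "POST", body });
}

// URLSearchParams body: serialized as key=value pairs with percent-encoding,
// as in the working capture from the web UI.
function urlencodedBody(username, password) {
  return new URLSearchParams({ grant_type: "password", username, password });
}

function buildUrlencodedLogin(username, password) {
  const body = urlencodedBody(username, password);
  return new Request(LOGIN_URL, { method: "POST", body });
}

// Media type of a request without parameters such as boundary or charset.
function mediaType(request) {
  const value = request.headers.get("content-type") || "";
  return value.split(";")[0].trim().toLowerCase();
}

// Pre-flight check a client could run before sending credentials.
function matchesLoginSpec(request) {
  return request.method === "POST" && mediaType(request) === EXPECTED_TYPE;
}

const user = "USER@EMAIL.com"; // placeholders taken from the issue text
const pass = "PASSWORD";
for (const req of [buildMultipartLogin(user, pass), buildUrlencodedLogin(user, pass)]) {
  console.log(mediaType(req), "matches spec:", matchesLoginSpec(req));
}
console.log(urlencodedBody(user, pass).toString());
```

No explicit `Content-Type` header is set in either builder; overriding it by hand while keeping a `FormData` body would drop the generated boundary and make the body unparseable.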
