2670: /api/session not working with reviewboard 1.6.9

pragal******@gmai***** (Google Code) (Is this you? Claim this profile.)
Dec. 30, 2012 
What version are you running?
1.6.9

What's the URL of the page containing the problem?
/api/session

What steps will reproduce the problem?
1. Try to login API
2.
3.

What is the expected output? What do you see instead?
login Successful

What operating system are you using? What browser?
Kubunu 12.04 32 bit. Firefox 13.0

Please provide any additional information below.
I have written a review board plugin for netbeans IDE (https://code.google.com/p/nb-reviewboard/). This used to work with review board 1.6.9.

However it is not working with 1.6.9. I have enabled the server log. Here is the error i saw in the log,

Exception thrown for user AnonymousUser at http://192.168.0.3/api/session/

Incorrect padding
Traceback (most recent call last):
  File "/usr/local/lib/python2.7/dist-packages/Django-1.3.1-py2.7.egg/django/core/handlers/base.py", line 111, in get_response
    response = callback(request, *callback_args, **callback_kwargs)
  File "/usr/local/lib/python2.7/dist-packages/Django-1.3.1-py2.7.egg/django/views/decorators/cache.py", line 79, in _wrapped_view_func
    response = view_func(request, *args, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/Django-1.3.1-py2.7.egg/django/views/decorators/vary.py", line 22, in inner_func
    response = func(*args, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/Djblets-0.6.19-py2.7.egg/djblets/webapi/resources.py", line 353, in __call__
    check_login(request)
  File "/usr/local/lib/python2.7/dist-packages/Djblets-0.6.19-py2.7.egg/djblets/webapi/auth.py", line 44, in check_login
    basic_access_login(request)
  File "/usr/local/lib/python2.7/dist-packages/Djblets-0.6.19-py2.7.egg/djblets/webapi/auth.py", line 50, in basic_access_login
    username, password = encoded_auth.decode('base64').split(':', 1)
  File "/usr/lib/python2.7/encodings/base64_codec.py", line 42, in base64_decode
    output = base64.decodestring(input)
  File "/usr/lib/python2.7/base64.py", line 321, in decodestring
    return binascii.a2b_base64(s)
Error: Incorrect padding
	

Internal Server Error: /api/session/
Traceback (most recent call last):
  File "/usr/local/lib/python2.7/dist-packages/Django-1.3.1-py2.7.egg/django/core/handlers/base.py", line 111, in get_response
    response = callback(request, *callback_args, **callback_kwargs)
  File "/usr/local/lib/python2.7/dist-packages/Django-1.3.1-py2.7.egg/django/views/decorators/cache.py", line 79, in _wrapped_view_func
    response = view_func(request, *args, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/Django-1.3.1-py2.7.egg/django/views/decorators/vary.py", line 22, in inner_func
    response = func(*args, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/Djblets-0.6.19-py2.7.egg/djblets/webapi/resources.py", line 353, in __call__
    check_login(request)
  File "/usr/local/lib/python2.7/dist-packages/Djblets-0.6.19-py2.7.egg/djblets/webapi/auth.py", line 44, in check_login
    basic_access_login(request)
  File "/usr/local/lib/python2.7/dist-packages/Djblets-0.6.19-py2.7.egg/djblets/webapi/auth.py", line 50, in basic_access_login
    username, password = encoded_auth.decode('base64').split(':', 1)
  File "/usr/lib/python2.7/encodings/base64_codec.py", line 42, in base64_decode
    output = base64.decodestring(input)
  File "/usr/lib/python2.7/base64.py", line 321, in decodestring
    return binascii.a2b_base64(s)
Error: Incorrect padding
#1 pragal******@gmai***** (Google Code) (Is this you? Claim this profile.) 
This used to work with review board 1.6.9.
However it is not working with 1.6.9.

Please read the above as,

This used to work with review board 1.6.3.
However it is not working with 1.6.9.
chipx86
#2 chipx86 
According to this, the base64 string being sent as the authentication token isn't valid base64. This is a bug in the client, not the server. That code also hasn't changed in a while, so I don't know how it'd be a Review Board issue. You may want to verify the string the client is sending.
  • +NeedInfo
#3 pragal******@gmai***** (Google Code) (Is this you? Claim this profile.) 
Hi,
Thanks for the clarification. Here is the Java code (using apache http client package) that call the session/api.

HttpGet get = new HttpGet(url + "/api/session");
        String auth = Base64.encodeBase64URLSafeString((username + ":" + password).getBytes());
        get.setHeader("Authorization", "Basic " + auth);
        HttpResponse response = httpClient.execute(get);

This exact code works fine with review board 1.6.3 but fails with 1.6.9.
To give some more context, 1.6.3 is running on Kubuntu 11.10 64 bit and 1.6.9 is running on Kubunutu 12.04 32 bit.

Is there any impact due to this?

Also since they are running on different OS versions, there is a possibility that python version also has changed. 

1.6.9 is running using Python 2.7.3.

Any help is appreciated.
#4 pragal******@gmai***** (Google Code) (Is this you? Claim this profile.) 
hi,
Any clue?
david
#5 david
  • +Component-API
david
#6 david 
It looks like this is a better way to set authorization headers: http://stackoverflow.com/a/4628326
  • -NeedInfo
    +UserError