I got this working through a bit of trial and error. It looks like only the "_su" cookie should be sent back (not the "_ss", cookie, nor any of the other cookies). (This seems to be the "HttpOnly" cookie property, so depending on the level of infrastructure you're using, this may happen for free?)
At least, that got my Python app using XMLRPC v1.2.1 and login.withPassword to start working again.
I got this working through a bit of trial and error. It looks like only the "_su" cookie should be sent back (not the "_ss", cookie, nor any of the other cookies). (This seems to be the "HttpOnly" cookie property, so depending on the level of infrastructure you're using, this may happen for free?)
At least, that got my Python app using XMLRPC v1.2.1 and login.withPassword to start working again.
Are you using pysmug? If you're suggesting I need to "block" all but the _ss cookie, how would one go about doing that?
Sorry, I think I'm adding confusion to the cookie problem. My script seems to work for a bit if I only let the _ss cookie through. But, its not working very reliably.
Sorry, I think I'm adding confusion to the cookie problem. My script seems to work for a bit if I only let the _ss cookie through. But, its not working very reliably.
attempt to patch pysmug failed
Assuming pysmug was not employing the COOKIEJAR option, I attempted to patch smugmug.py by adding the following two lines at #143.
For anyone else having pysmug trouble the following patch fixed the issue:
pysmug's implementation of pycurl does not set a cookie jar. To fix the problem, add the following two lines to smugmug.py at line number #143 and reinstall:
Comments
Login works fine, but attempts to reach https://api.smugmug.com/services/api/json/1.2.2/?SessionID=xxxxxxxxxxxxxxxxxxxx&method=smugmug.albums.get return the error. Strangely, I appear to have no trouble using the method images_get, which seems wholly inconsistent to me.
I got this working through a bit of trial and error. It looks like only the "_su" cookie should be sent back (not the "_ss", cookie, nor any of the other cookies). (This seems to be the "HttpOnly" cookie property, so depending on the level of infrastructure you're using, this may happen for free?)
At least, that got my Python app using XMLRPC v1.2.1 and login.withPassword to start working again.
Sorry, I think I'm adding confusion to the cookie problem. My script seems to work for a bit if I only let the _ss cookie through. But, its not working very reliably.
However, for your problem, I think you're using the wrong http host. According to http://wiki.smugmug.net/display/API/API+1.2.2 you should be using 'secure.smugmug.com' for 'https' connections. So it should be: https://secure.smugmug.com/services/api/json/1.2.2/
Hope that's useful ...
I may have to dump pysmug and work from scratch.
Any ETA on having this fixed?
Thanks!
Assuming pysmug was not employing the COOKIEJAR option, I attempted to patch smugmug.py by adding the following two lines at #143.
c.setopt(c.COOKIEFILE, 'cookies.txt')
c.setopt(c.COOKIEJAR, 'cookies.txt')
I'm still getting an "invalid user" error when attempting to use smugmug.albums.get.
pysmug's implementation of pycurl does not set a cookie jar. To fix the problem, add the following two lines to smugmug.py at line number #143 and reinstall:
c.setopt(c.COOKIEFILE, 'cookies.txt')
c.setopt(c.COOKIEJAR, 'cookies.txt')
You may want to set an absolute path to cookies.txt to make sure it's getting written to a folder with the necessary permissions, i.e. /tmp/