Possible Bug/Feature: Logout doesn't work for anonymous logins
luke_church
Registered Users Posts: 507 Major grins
Priority: Very Low, I don't think it matters, I just need confirmation of intended behaviour so I can add a method call blocker..
Issue: Attempts to Logout an anonymous Session ID result in fault code 3, invalid session
[php]
<?xml version="1.0"?>
<methodCall>
<methodName>smugmug.login.anonymously</methodName>
<params>
<param>
<value>
<string>1.1.0</string>
</value>
</param>
<param>
<value>
<string>hIsjW2dIh0k6oMPwTMdthScgLcXPKoiu</string>
</value>
</param>
</params>
Header
<methodResponse>
<params>
<param>
<value>
<struct>
<member>
<name>SessionID</name>
<value>
<string>fd93c708d8341ca0cde19690d121444e</string>
</value>
</member>
</struct>
</value>
</param>
</params>
</methodResponse>
Header
<?xml version="1.0"?>
<methodCall>
<methodName>smugmug.logout</methodName>
<params>
<param>
<value>
<string>fd93c708d8341ca0cde19690d121444e</string>
</value>
</param>
</params>
</methodCall>
Header
<methodResponse>
<fault>
<value>
<struct>
<member>
<name>faultCode</name>
<value>
<int>3</int>
</value>
</member>
<member>
<name>faultString</name>
<value>
<string>invalid session</string>
</value>
</member>
</struct>
</value>
</fault>
</methodResponse>
[/php]
Workaround: Currently: Make the call, absorb the error, assume the session has been destroyed and carry on
If this is confirmed behaviour, I'll just block the call.
Cheers,
Luke
Issue: Attempts to Logout an anonymous Session ID result in fault code 3, invalid session
[php]
<?xml version="1.0"?>
<methodCall>
<methodName>smugmug.login.anonymously</methodName>
<params>
<param>
<value>
<string>1.1.0</string>
</value>
</param>
<param>
<value>
<string>hIsjW2dIh0k6oMPwTMdthScgLcXPKoiu</string>
</value>
</param>
</params>
Header
<methodResponse>
<params>
<param>
<value>
<struct>
<member>
<name>SessionID</name>
<value>
<string>fd93c708d8341ca0cde19690d121444e</string>
</value>
</member>
</struct>
</value>
</param>
</params>
</methodResponse>
Header
<?xml version="1.0"?>
<methodCall>
<methodName>smugmug.logout</methodName>
<params>
<param>
<value>
<string>fd93c708d8341ca0cde19690d121444e</string>
</value>
</param>
</params>
</methodCall>
Header
<methodResponse>
<fault>
<value>
<struct>
<member>
<name>faultCode</name>
<value>
<int>3</int>
</value>
</member>
<member>
<name>faultString</name>
<value>
<string>invalid session</string>
</value>
</member>
</struct>
</value>
</fault>
</methodResponse>
[/php]
Workaround: Currently: Make the call, absorb the error, assume the session has been destroyed and carry on
If this is confirmed behaviour, I'll just block the call.
Cheers,
Luke
0
Comments
Behaviour confirmed against XML-RPC 1.1.1 BETA
Luke
SmugSoftware: www.smugtools.com
[EDIT]
I also cannot logout a non-anonymous session using REST.
However, I can't see what I am doing wrong, I checked the URL and it looked fine; the session ID was received a few seconds earlier and worked fine for some other calls:
https://api.smugmug.com/hack/rest/?method=smugmug.logout&SessionID=[session ID]