[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: cookie=.AspNetCore.Identity.Application not sent (expired)



Hi All, 
I was able to solve this problem.  The reason that HTTPAPI thought the
cookie was expired is because it could not parse the expiration date
correctly and passed back *loval in the timestamp of the cookie expire date.
The date I am getting is in the format of "MON, 12 DEC 2016 14:22:19 GMT".
This format matches everything I could find about standard cookie expiration
dates.  

The bug I am reporting is in the cookie2ts procedure of
LIBHTTP/QRPGLESRC(HEADERR4)

The cookie expire date VALUE = 'MON, 12 DEC 2016 14:22:19 GMT'

Bug reported: When STATE = 1 (day of month parse) and the trailing blank is
processed the logic iterates without changing STATE = 2. The iteration sets
the value of CH to the first character of the day of month which is then
processed as STATE = 1 which finally sets STATE = 2. The problem is we lose
the first character of the month.

This same scenario is presented for STATE = 2 processing on the trailing
blank after month. We lose the first character of the year. 

Both the STATE = 1 and STATE = 2 use the logic.
if ch = ' '  
iter
endif

My suggested fixes are: (I made these changes and they worked for me.)

*******************************************
* State 1: Reading the "day of month"
* (2-digit number)
*******************************************
c when state = 1

c if ch = ' '  (added "and day = *blanks") 
c iter
c endif

C NUMBERS check ch Found
c if found = 0
c eval day = day + ch
c else
c eval state = 2
c endif

*******************************************
* State 2: Reading the month name
* (3-char abbreviation)
*******************************************
c when state = 2

c if ch = ' ' (added "and mon = *blanks")
c iter
c endif

C UPPER check ch Found
c if found = 0
c eval mon = mon + ch
c else
c eval state = 3
c endif


After making this change, the parse returned the timestamp correctly.  The
cookie is recognized as being current and is sent back to the server on the
subsequent GET. Everything is working now. 
 
I believe this fix, or something like it,  should be incorporated into the
project but I don't know who is handling the project maintenance.  If I can
be of help, please let me know.  

Thank you very much for HTTPAPI and all the effort that Scott and others
have put forth to make it do the great things it does. 



-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of DAVID lerman
Sent: Thursday, December 01, 2016 2:47 PM
To: ftpapi@xxxxxxxxxxxxxxxxxxxxxx
Subject: cookie=.AspNetCore.Identity.Application not sent (expired)

Hi,  I have spent many hours searching the Archive for why the cookie is not
being sent before resorting to this post.  The only thing I found was a
reference to "Temporary"  cookies which would not be exported to the cookie
file if specified. I think it was also implied it would not be sent back up
on the next attempt to do something in the same session as well.   It was
mentioned in the HTTPAPI and Cookie support or the Cookie testers wanted
thread.  


The cookie has an expiration of  "cookie attr expires=Sun, 11 Dec 2016
15:29:54 GMT" and the web side developers assure me that it is not
temporary. 


See the log below.. thanks in advance for any suggestions.  I will
investigate and test them immediately. 


HTTPAPI Ver 1.32 released 2016-02-10
NTLM Ver 1.4.0 released 2014-12-22
OS/400 Ver V7R1M0

New iconv() objects set, PostRem=819. PostLoc=0. ProtRem=819. ProtLoc=0
http_url_post(): entered
http_persist_open(): entered
http_long_ParseURL(): entered
DNS resolver retrans: 2
DNS resolver retry : 2
DNS resolver options: x'00000136'
DNS default domain: i5-microfirst.local
DNS server found: 192.168.200.254
DNS server found: 10.30.0.54
DNS server found: 10.0.0.11
Nagle's algorithm (TCP_NODELAY) disabled.
http_persist_post(): entered
http_persist_req(POST) entered.
http_long_ParseURL(): entered
http_long_ParseURL(): entered
do_oper(POST): entered
cookie_read(): read cookies from /home/DLERMAN/mbvCookie.txt
There are 0 cookies in the cache
POST /api/Login HTTP/1.1
Host: 10.0.1.248
User-Agent: http-api/1.32
Content-Type: application/json
Content-Length: 54


senddoc(): entered
{"User":{"UserName":"password1","Password":"password1"}}
recvresp(): entered
HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Expires: -1
Server: Kestrel
Set-Cookie:
.AspNetCore.Identity.Application=CfDJ8Labg42Ph2VBp9zbMgWAc60I67FKD-oOamNZ_Zp
pLy0OccHNF1xxIsjDWxHjWuMu00oaqLAdIE3_z-20IqJxUXzlugoDkEyey5Ewcp6RFhiMoHm-cxl
PZOTTL7SyIHkk9kiLImwYqHbBRmTgJva4VX4Y808LmTslQmT6N7EIfz-E2HZINBCKeKXIyqjGpm4
VuRjdc0-Q9f876RJnINUY8TmdrlhbAYHYXhRrtzo4ZpbzkfGqLEY0cSTALFz9ziR0N_qiK-EeHcl
4yXLsWeWvFpOz1lc9Idj5f8hil2qyQweNvSYSIb3_0-ORBHRxVrEsLKN8CQg8kjWD3kLcIqUavA4
3XhXwkemKiny858dS3r8fEOGwz89vnkz585dCqOPCW0wb8Cim-nZf_SuE8L8FDtn_io_al3A5xsY
1SMxxN0iO9DJsJtwUvOw8T9MM8-iJRTLmhuXOYYCBJ_KLVeRXPVgWXVnshjDOxoKx1yUjA4iEsIb
NtM26Jmvw7tNou3Xctiauscu9CjW316cPG4-tu0DqJnA4Flxg0zZmNABjKHvw_Ho8qSqaMKA9aKB
-rqPoXbZkDTWfYCiWMnow4j0EADkNdnIh3FrK65XkzlGDFe6aOCVqxhDmGJ89D535GBFY0tDRjck
_m9WRCFfT5J2WehSRGrpY46Qy0d1DJL9b8TflrLBHZp0jIdCMPTc2V8KM83WNNjSjIIEfgg2Gwcb
9VcU; expires=Sun, 11 Dec 2016 15:29:54 GMT; path=/; httponly
Date: Thu, 01 Dec 2016 15:29:56 GMT


SetError() #13: HTTP/1.1 200 OK
recvresp(): end with 200
recvdoc parms: chunked 0
header_load_cookies() entered
cookie_read(): read cookies from /home/DLERMAN/mbvCookie.txt
cookie_parse() entered
cookie =
.AspNetCore.Identity.Application=CfDJ8Labg42Ph2VBp9zbMgWAc60I67FKD-oOamNZ_Zp
pLy0OccHNF1xxIsjDWxHjWuMu00oaqLAdIE3_z-20IqJxUXzlugoDkEyey5Ewcp6RFhiMoHm-cxl
PZOTTL7SyIHkk9kiLImwYqHbBRmTgJva4VX4Y808LmTslQmT6N7EIfz-E2HZINBCKeKXIyqjGpm4
VuRjdc0-Q9f876RJnI

cookie attr
.AspNetCore.Identity.Application=CfDJ8Labg42Ph2VBp9zbMgWAc60I67FKD-oOamNZ_Zp
pLy0OccHNF1xxIsjDWxHjWuMu00oaqLAdIE3_z-20IqJxUXzlugoDkEyey5Ewcp6RFhiMoHm-cxl
PZOTTL7SyIHkk9kiLImwYqHbBRmTgJva4VX4Y808LmTslQmT6N7EIfz-E2HZINBCKeKXIyqjGpm4
VuRjdc0-Q9f876RJ
cookie attr expires=Sun, 11 Dec 2016 15:29:54 GMT
cookie attr path=/
cookie attr httponly=
cookie_dump() entered.
cookie file is /home/DLERMAN/mbvCookie.txt
recvchunk(): entered
get_chunk_size(): entered
152

chunk size = 338
get_chunk_size returned 338
calling comm_blockread
{"Claims":{"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidenti
fier":"ff66fbdf-72cb-4d02-af49-408915e80970","http://schemas.xmlsoap.org/ws/
2005/05/identity/claims/name":"Pitboss1","AspNet.Identity.SecurityStamp":"db
bac734-87e5-43b8-86cb-ea5f0e81e19e","http://schemas.microsoft.com/ws/2008/06
/identity/claims/role":"Pitboss"}}
comm_blockread returned 338


get_chunk_size(): entered
0

chunk size = 0
get_chunk_size returned 0
http_close(): entered
HTTPAPI Ver 1.32 released 2016-02-10
NTLM Ver 1.4.0 released 2014-12-22
OS/400 Ver V7R1M0

http_url_get(): entered
http_persist_open(): entered
http_long_ParseURL(): entered
DNS resolver retrans: 2
DNS resolver retry : 2
DNS resolver options: x'00000136'
DNS default domain: i5-microfirst.local
DNS server found: 192.168.200.254
DNS server found: 10.30.0.54
DNS server found: 10.0.0.11
Nagle's algorithm (TCP_NODELAY) disabled.
http_persist_get(): entered
http_persist_req(GET) entered.
http_long_ParseURL(): entered
http_long_ParseURL(): entered
do_oper(GET): entered
cookie_read(): read cookies from /home/DLERMAN/mbvCookie.txt
There are 1 cookies in the cache
cookie=.AspNetCore.Identity.Application not sent (expired)
GET /api/Orders HTTP/1.1
Host: 10.0.1.248
User-Agent: http-api/1.32


recvresp(): entered
HTTP/1.1 401 Unauthorized
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8
Server: Kestrel
Date: Thu, 01 Dec 2016 15:30:01 GMT


SetError() #13: HTTP/1.1 401 Unauthorized
recvresp(): end with 401
recvdoc parms: chunked 0
SetError() #36: This page requires a user-id & password
http_close(): entered

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------