So much trouble with the fingerprint check

dhenry0 · November 9, 2023, 3:15pm

This is in Java. The fingerprint is absolutely the same one as on my user page. This one is just an example. Is it the fingerprint format? The message format? The server lets me go a little further and then I get a 401 on /users/me.json.

post content: {“data”:{“gpg_auth”:{“keyid”:“ABBAABBAABBAABBAABBAABBAABBAABBAABBAABBA”,“server_verify_token”:null,“user_token_result”:null}}}

response code 200 body {“header”:{“id”:“b0d7beb3-a5a5-41ba-be0f-f4aaabf1f011”,“status”:“error”,“servertime”:1699501407,“action”:“a3c19ad2-8920-5395-86d0-8567cb34f382”,“message”:“The authentication failed.”,“url”:“/auth/login.json”,“code”:200},“body”:null}

antony · November 10, 2023, 7:22am

Hello @dhenry0, welcome to our community

Please, fill this template:

I have read intro post: About the Installation Issues category
I have read the tutorials, help and searched for similar issues
I provide relevant information about my server (component names and versions, etc.)
I provide a copy of my logs and healthcheck
I describe the steps I have taken to trouble shoot the problem
I describe the steps on how to reproduce the issue

We really need some context here in order to understand what is clearly happening there, which steps have been taken to be there, how could we reproduce etc…

antony · November 10, 2023, 7:50am

Also, if you are trying to use the API with Java and you’re experiencing some issues with the authentication, just in case you could take a look at how it’s done for our mobile application that uses Kotlin

dhenry0 · November 10, 2023, 4:29pm

I saw in the headers that X-GPGAuth-Error is not present, X-GPGAuth-Progress is stage1 and the session cookie expired 19 Nov 1981.

all headers: [Date: Fri, 10 Nov 2023 15:13:13 GMT, Content-Type: application/json, Transfer-Encoding: chunked, Connection: keep-alive, Server: nginx/1.18.0, Set-Cookie: passbolt_session=n341l41bvapedpqhuefprc0u1p; path=/; HttpOnly; SameSite=Lax, Expires: Thu, 19 Nov 1981 08:52:00 GMT, Cache-Control: no-store, no-cache, must-revalidate, Pragma: no-cache, strict-transport-security: max-age=31536000; includeSubDomains, x-permitted-cross-domain-policies: all, referrer-policy: same-origin, x-frame-options: sameorigin, x-download-options: noopen, x-content-type-options: nosniff, X-GPGAuth-Version: 1.3.0, X-GPGAuth-Login-URL: /auth/login, X-GPGAuth-Logout-URL: /auth/logout, X-GPGAuth-Verify-URL: /auth/verify, X-GPGAuth-Pubkey-URL: /auth/verify.json, Access-Control-Expose-Headers: X-GPGAuth-Verify-Response, Access-Control-Expose-Headers: X-GPGAuth-Progress, Access-Control-Expose-Headers: X-GPGAuth-User-Auth-Token, Access-Control-Expose-Headers: X-GPGAuth-Authenticated, Access-Control-Expose-Headers: X-GPGAuth-Refer, Access-Control-Expose-Headers: X-GPGAuth-Debug, Access-Control-Expose-Headers: X-GPGAuth-Error, Access-Control-Expose-Headers: X-GPGAuth-Pubkey, Access-Control-Expose-Headers: X-GPGAuth-Logout-Url, Access-Control-Expose-Headers: X-GPGAuth-Version, X-GPGAuth-Authenticated: false, X-GPGAuth-Progress: stage1,