Opened 7 years ago

Closed 7 years ago

Last modified 7 years ago

#1016 closed defect (fixed)

oauth sends invalid timestamp format for postgresql db

Reported by: ayleph Owned by:
Priority: major Milestone:
Component: programming Keywords: oauth, api, timestamp
Cc: Parent Tickets:

Description

When using a client such as pypump to post content to GMG via the API, postgresql complains about an invalid timestamp syntax. Postgresql seems to expect a datetime string instead of Unix epoch integer.

DataError: (DataError) invalid input syntax for type timestamp: "1414412402"

Subtickets

Change History (3)

comment:1 Changed 7 years ago by ayleph

I was able to work around this on a dev instance with the following change. However, this may not be appropriate if a client sends a different format timestamp.

diff --git a/mediagoblin/oauth/oauth.py b/mediagoblin/oauth/oauth.py
index 8a60392..9b9bec1 100644
--- a/mediagoblin/oauth/oauth.py
+++ b/mediagoblin/oauth/oauth.py
@@ -18,6 +18,7 @@ from oauthlib.common import Request
 from oauthlib.oauth1 import RequestValidator

 from mediagoblin.db.models import NonceTimestamp, Client, RequestToken, AccessToken
+import datetime

 class GMGRequestValidator(RequestValidator):

@@ -64,7 +65,7 @@ class GMGRequestValidator(RequestValidator):
     def validate_timestamp_and_nonce(self, client_key, timestamp,
                                      nonce, request, request_token=None,
                                      access_token=None):
-        nc = NonceTimestamp.query.filter_by(timestamp=timestamp, nonce=nonce)
+        nc = NonceTimestamp.query.filter_by(timestamp=datetime.datetime.fromtimestamp(int(timestamp)), nonce=nonce)
         nc = nc.first()
         if nc is None:
             return True

comment:2 Changed 7 years ago by ayleph

Here's a more complete traceback of the error referenced in the description.

Error - <class 'sqlalchemy.exc.DataError'>: (DataError) invalid input syntax for type timestamp: "1414412402"
LINE 3: ...414412402' AND core__nonce_timestamps.timestamp = '141441240...
                                                             ^
 'SELECT core__nonce_timestamps.nonce AS core__nonce_timestamps_nonce, core__nonce_timestamps.timestamp AS core__nonce_timestamps_timestamp \nFROM core__nonce_timestamps \nWHERE core__nonce_timestamps.nonce = %(nonce_1)s AND core__nonce_timestamps.timestamp = %(timestamp_1)s \n LIMIT %(param_1)s' {'param_1': 1, 'nonce_1': u'148026768749583936371414412402', 'timestamp_1': u'1414412402'}
URL: https://pump.goblinrefuge.com/api/user/andrew/uploads
File '/path/to/mediagoblin/lib/python2.7/site-packages/Paste-1.7.5.1-py2.7.egg/paste/exceptions/errormiddleware.py', line 144 in __call__
  app_iter = self.application(environ, sr_checker)
File '/path/to/mediagoblin/lib/python2.7/site-packages/Paste-1.7.5.1-py2.7.egg/paste/urlmap.py', line 203 in __call__
  return app(environ, start_response)
File '/path/to/mediagoblin/mediagoblin/app.py', line 268 in __call__
  return self.call_backend(environ, start_response)
File '/path/to/mediagoblin/lib/python2.7/site-packages/Werkzeug-0.9.6-py2.7.egg/werkzeug/wsgi.py', line 588 in __call__
  return self.app(environ, start_response)
File '/path/to/mediagoblin/mediagoblin/app.py', line 245 in call_backend
  response = controller(request)
File '/path/to/mediagoblin/mediagoblin/decorators.py', line 413 in wrapper
  headers=dict(request.headers),
File 'build/bdist.linux-x86_64/egg/oauthlib/oauth1/rfc5849/endpoints/resource.py', line 87 in validate_protected_resource_request
File '/path/to/mediagoblin/mediagoblin/oauth/oauth.py', line 68 in validate_timestamp_and_nonce
  nc = nc.first()
File 'build/bdist.linux-x86_64/egg/sqlalchemy/orm/query.py', line 2295 in first
File 'build/bdist.linux-x86_64/egg/sqlalchemy/orm/query.py', line 2162 in __getitem__
File 'build/bdist.linux-x86_64/egg/sqlalchemy/orm/query.py', line 2366 in __iter__
File 'build/bdist.linux-x86_64/egg/sqlalchemy/orm/query.py', line 2381 in _execute_and_instances
File 'build/bdist.linux-x86_64/egg/sqlalchemy/engine/base.py', line 662 in execute
File 'build/bdist.linux-x86_64/egg/sqlalchemy/engine/base.py', line 761 in _execute_clauseelement
File 'build/bdist.linux-x86_64/egg/sqlalchemy/engine/base.py', line 874 in _execute_context
File 'build/bdist.linux-x86_64/egg/sqlalchemy/engine/base.py', line 1024 in _handle_dbapi_exception
File 'build/bdist.linux-x86_64/egg/sqlalchemy/util/compat.py', line 196 in raise_from_cause
File 'build/bdist.linux-x86_64/egg/sqlalchemy/engine/base.py', line 867 in _execute_context
File 'build/bdist.linux-x86_64/egg/sqlalchemy/engine/default.py', line 324 in do_execute
DataError: (DataError) invalid input syntax for type timestamp: "1414412402"
LINE 3: ...414412402' AND core__nonce_timestamps.timestamp = '141441240...
                                                             ^
 'SELECT core__nonce_timestamps.nonce AS core__nonce_timestamps_nonce, core__nonce_timestamps.timestamp AS core__nonce_timestamps_timestamp \nFROM core__nonce_timestamps \nWHERE core__nonce_timestamps.nonce = %(nonce_1)s AND core__nonce_timestamps.timestamp = %(timestamp_1)s \n LIMIT %(param_1)s' {'param_1': 1, 'nonce_1': u'148026768749583936371414412402', 'timestamp_1': u'1414412402'}

comment:3 Changed 7 years ago by Jessica Tallon

Resolution: fixed
Status: newclosed

This has been fixed as of 4fc1671d.

Note: See TracTickets for help on using tickets.