Skip to content

Instantly share code, notes, and snippets.

Show Gist options
  • Save allquixotic/34c36951c4ba19dd47882e77a0f06d23 to your computer and use it in GitHub Desktop.
Save allquixotic/34c36951c4ba19dd47882e77a0f06d23 to your computer and use it in GitHub Desktop.
Enjin API in Rust (broken) vs. Python (works)
POST /api/v1/api.php HTTP/1.1
content-type: application/json
accept: application/json
host: www.enjin.com
content-length: 121
{
"jsonrpc": "2.0",
"id": 0,
"method": "User.login",
"params": {
"email": "redacted",
"password": "redacted"
}
}
HTTP/1.1 403 Forbidden
Date: Wed, 18 Jan 2023 22:17:05 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 16
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Set-Cookie: __cf_bm=redacted; path=/; expires=Wed, 18-Jan-23 22:47:05 GMT; domain=.www.enjin.com; HttpOnly; Secure
Server: cloudflare
CF-RAY: redacted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
error code: 1020
from jsonrpcclient import request
import requests
#This works.
resp = requests.post("https://www.enjin.com/api/v1/api.php", json=request("User.login", params={"email":"redacted","password":"redacted"}), proxies={'http':'http://127.0.0.1:9090', 'https':'http://127.0.0.1:9090'}, verify=False)
use jsonrpsee::{http_client::{HttpClientBuilder}};
use dotenvy::var;
use jsonrpsee::{core::{Error}, proc_macros::rpc};
#[rpc(client)]
pub trait User
{
#[method(name = "User.login", param_kind = map, blocking)]
fn login(&self, email: String, password: String) -> Result<String, Error>;
}
#[tokio::main]
async fn main() -> anyhow::Result<()> {
tracing_subscriber::FmtSubscriber::builder()
.with_env_filter(tracing_subscriber::EnvFilter::from_default_env())
.try_init()
.expect("setting default subscriber failed");
let email = var("email").expect("Required .env variable missing: email");
let password = var("password").expect("Required .env variable missing: password");
let website = var("website").expect("Required .env variable missing: website");
let proxy = var("proxy");
let mut client_builder = HttpClientBuilder::default();
match proxy {
Ok(p) => {
client_builder = client_builder.set_proxy(p);
},
Err(_) => ()
};
let client = client_builder.set_max_logging_length(99999999).build(format!("https://{}:443/api/v1/api.php", website)).unwrap();
let session_id = client.login(email, password).await;
match session_id {
Ok(sess) => println!("Session ID: {}", sess),
Err(e) => {
println!("Error: {}", e.to_string());
}
}
Ok(())
}
POST /api/v1/api.php HTTP/1.1
Host: www.enjin.com
User-Agent: python-requests/2.28.2
Accept-Encoding: gzip, deflate, br
Accept: */*
Connection: keep-alive
Content-Length: 131
Content-Type: application/json
{
"jsonrpc": "2.0",
"method": "User.login",
"params": {
"email": "redacted",
"password": "redacted"
},
"id": 4
}
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 01:09:03 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: api_auth=redacted; expires=Sat, 18-Feb-2023 01:09:03 GMT; Max-Age=2592000; path=/; HttpOnly
CF-Cache-Status: DYNAMIC
Pragma: no-cache
X-Backend-Server: web4.enjin.com
Set-Cookie: __cf_bm=redacted; path=/; expires=Thu, 19-Jan-23 01:39:03 GMT; domain=.www.enjin.com; HttpOnly; Secure; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: redacted
Content-Encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
{
"result": {
"session_id": "redacted",
#redacted - more data
},
"id": "4",
"jsonrpc": "2.0"
}
@allquixotic
Copy link
Author

This isn't a username/password issue. From Python, when I issue a request with an intentionally wrong password, I get this instead:

'{"id":"5","jsonrpc":"2.0","error":{"code":-32099,"message":"Invalid email or password."}}'

This is nothing at all like the error 1020 I get when submitting a request through jsonrpsee.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment