Watts (chipotle) wrote in lj_clients,

XML-RPC challenge clarification?

I've been working on a posting-only client written in Ruby, designed to be used as a 'filter' called from text editors. While what I have appears to be working, I started running into strange issues yesterday.

The client right now does the following:

  • Sends LJ.XMLRPC.getchallenge call
  • Computes response
  • Sends LJ.XMLRPC.login call
  • Verifies security and journal write access
  • Sends LJ.XMLRPC.postevent call

You can see in this process it only computes the response once, and sends the same one for both the login and postevent XML calls.

The strange issue is that this process consistently works on the test account on test.livejournal.org, and on Monday it did work posting to my real LiveJournal account... but yesterday (when I was ready to release the client, no less) and this morning it's produced an "invalid password" error. The password, however, is correct. And, to add further strangeness, if I comment out the login call, then the postevent call will work correctly.

So: is the problem here that I need to execute a second getchallenge call and compute a new response before I send the postevent call? And if so, why does it work on the test server, and why has it sometimes worked on the production one? (Is the challenge only good for a second or two?)

  • Post a new comment


    Comments allowed for members only

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened